Start Cisco wap4410n validating identity

Cisco wap4410n validating identity

Schneider Electric Modicon TM221CE16R devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp).

This vulnerability affects the following Cisco products: Connected Grid Network Management System, if running a software release prior to Io T-FND Release 4.0; Io T Field Network Director, if running a software release prior to Io T-FND Release 4.0. A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (Do S) condition on an affected system.

The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software.

If enough available memory is consumed, the system will restart, creating a temporary denial of service (Do S) condition.

The Do S condition will end after the device has finished the restart process.

The input interface queue will stop holding UDP packets when it receives 250 packets. Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12 , RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before; RT-AC68W routers with firmware before; and RT-N600, RT-N12 B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12 Pro routers with firmware before; and Asuswrt-Merlin firmware before 380.65_2 allow remote attackers to execute arbitrary code on the router via a long host or port in crafted multicast messages.

A vulnerability in the Universal Plug-and-Play (UPn P) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (Do S) condition.

The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file.

A vulnerability was discovered in Siemens View Port for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the permissions of the operating-system user running the web server by sending specially crafted network packets to port 443/TCP or port 80/TCP.

Open On-Chip Debugger (Open OCD) 0.10.0 does not block attempts to use HTTP POST for sending data to port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. An attacker can execute different unauthenticated remote operations because of the Co De Sys Runtime application, which is available via network by default on Port 2455.

An Improper Authentication issue was discovered in WAGO PFC200 Series 3S Co De Sys Runtime versions 2.3. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.