ZEN SOFTWARE MDAEMON CODE
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Successful exploit could lead to the remote execution of arbitrary code. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Huawei HG532 with some customized versions has a remote code execution vulnerability. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. The specific flaw exists within an exposed RMI registry, which listens on TCP ports 18 by default. Authentication is not required to exploit this vulnerability. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. MikroTik RouterBOARD v6.39.2 and v6.40.5 allows an unauthenticated remote attacker to cause a denial of service by connecting to TCP port 53 and sending data that begins with many '\0' characters, possibly related to DNS. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
This issue affects Apache Airflow = V7.1 = V2.5 = V2.0 and = V2.0 and id command results in a ok response.īMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. This logging server had no authentication and allows reading log files of DAG jobs. If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's choice. ĭell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. NOTE: the vendor has disputed this as described in. ** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. The attack does not require authentication or any special foothold in the caller's or the callee's network. By abusing this vulnerability, an attacker is able to disconnect any ongoing calls that are using SRTP. The call disconnection occurs due to line 6331 in the source file `switch_rtp.c`, which disconnects the call when the total number of SRTP errors reach a hard-coded threshold (100). This issue was reproduced when using the SDES key exchange mechanism in a SIP environment as well as when using the DTLS key exchange mechanism in a WebRTC environment. When a media port that is handling SRTP traffic is flooded with a specially crafted SRTP packet, the call is terminated leading to denial of service.
This attack can be done continuously, thus denying encrypted calls during the attack.
When handling SRTP calls, FreeSWITCH prior to version 1.10.7 is susceptible to a DoS where calls can be terminated by remote attackers. A Dask cluster created using this method (when running on a machine that has an applicable port exposed) could be used by a sophisticated attacker to achieve remote code execution.įreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Single machine Dask clusters started with or (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on localhost. An issue was discovered in the Dask distributed package before 2021.10.0 for Python.