>> ARCHIVE: 2018-10

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers…

HaPe PKH version 1.1 suffers from a cross site request forgery vulnerability.

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with…

HaPe PKH version 1.1 suffers from a remote shell upload vulnerability.

Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization.

SugarCRM version 6.5.26 suffers from a cross site scripting vulnerability.

NoMachine versions 5.3.26 and below suffer from a remote code execution vulnerability when opening a malicious .nxs file.

D-Link DSL-2640T suffers from a cross site scripting vulnerability.

An independent vulnerability laboratory researcher discovered a local buffer overflow vulnerability in the official Easy…

WAGO 750-881 01.09.18 suffers from a cross site scripting vulnerability.