An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.Read More ...
Continue ReadingJuly 17, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerab ...
Continue ReadingJuly 17, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it's opened in the recovery mode. An attacker ca ...
Continue ReadingJuly 17, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An atta ...
Continue ReadingJuly 17, 2022
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.Read More ...
Continue ReadingJuly 17, 2022
An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.Read More ...
Continue ReadingJuly 17, 2022
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be d ...
Continue ReadingJuly 17, 2022
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.Read More ...
Continue ReadingJuly 17, 2022
Back to Main