CVE-2024-12728 : SOPHOS FIREWALL UP TO 20.0 MR2 SSH WEAK CREDENTIALS

Description: A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0.3).
References: https://www.sophos.com/en-us/security-advisories/sophos-sa-20241219-sfos-rce
CVE-2021-26102 : FORTINET FORTIWAN UP TO 4.4.1/4.5.7 POST REQUEST AUTHENTICATION BYPASS

Description: A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. In particular, deleting specific configuration files will reset the Admin password to its default value.
References: https://fortiguard.fortinet.com/psirt/FG-IR-21-048
CVE-2024-35141 : IBM SECURITY VERIFY ACCESS DOCKER UP TO 10.0.6 UNNECESSARY PRIVILEGES

Description: IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to execution with unnecessary privileges.
References: https://www.ibm.com/support/pages/node/7155356
CVE-2023-23356 : QNAP QUFIREWALL UP TO 2.3.2 COMMAND INJECTION

Description: A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QuFirewall 2.3.3 (2023/03/27) and later.
References: https://www.qnap.com/en/security-advisory/qsa-23-14
For More […]