Show filters
22 Total Results
Displaying 11-20 of 22
Sort by:
Attacker Value
Unknown

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN700…

Disclosure Date: July 13, 2018 (last updated November 27, 2024)
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.
0
0
Attacker Value
Unknown

CVE-2013-6034

Disclosure Date: February 04, 2014 (last updated October 05, 2023)
The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login access via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2013-6035

Disclosure Date: February 04, 2014 (last updated October 05, 2023)
The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals does not require authentication for sessions on TCP port 1827, which allows remote attackers to execute arbitrary code via unspecified protocol operations.
0
0
Attacker Value
Unknown

CVE-2008-0146

Disclosure Date: January 08, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.
0
0
Attacker Value
Unknown

CVE-2002-2400

Disclosure Date: December 31, 2002 (last updated February 22, 2025)
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request.
0
0
Attacker Value
Unknown

CVE-2001-1225

Disclosure Date: December 26, 2001 (last updated February 22, 2025)
Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.
0
0
Attacker Value
Unknown

CVE-2001-0580

Disclosure Date: August 22, 2001 (last updated February 22, 2025)
Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection.
0
0
Attacker Value
Unknown

CVE-2000-0012

Disclosure Date: December 27, 1999 (last updated February 22, 2025)
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
0
0
Attacker Value
Unknown

CVE-1999-1469

Disclosure Date: September 30, 1999 (last updated February 22, 2025)
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
0
0
Attacker Value
Unknown

CVE-1999-0753

Disclosure Date: August 17, 1999 (last updated February 22, 2025)
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.
0
0
View More Topics  < Previous  Next >