CVSS: 9.0EPSS: 14%CPEs: 1EXPL: 0CVE-2020-17387 – Marvell QConvergeConsole writeObjectToConfigFile Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17387
10 Aug 2020 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the writeObjectToConfigFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerabilit... • https://www.marvell.com/content/dam/marvell/en/public-collateral/fibre-channel/marvell-fibre-channel-security-advisory-2020-07.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 0CVE-2020-17388 – Marvell QConvergeConsole Exposed Dangerous Method or Function Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-17388
10 Aug 2020 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat configuration file. The issue results from the lack of proper restriction to the Tomcat admin console. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://www.marvell.com/content/dam/marvell/en/public-collateral/fibre-channel/marvell-fibre-channel-security-advisory-2020-07.pdf • CWE-749: Exposed Dangerous Method or Function •
CVSS: 9.0EPSS: 14%CPEs: 1EXPL: 0CVE-2020-17389 – Marvell QConvergeConsole GWTTestServiceImpl decryptFile Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17389
10 Aug 2020 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the decryptFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute... • https://www.marvell.com/content/dam/marvell/en/public-collateral/fibre-channel/marvell-fibre-channel-security-advisory-2020-07.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2019-13582
https://notcve.org/view.php?id=CVE-2019-13582
15 Nov 2019 — An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution. Se descubrió un problema en el firmware de Marvell 88W8688 Wi-Fi versiones anteriores a p52, como es usado en los vehículos Tesla Model S/X fabricados antes de marzo de 2018, por medio del módulo Parrot Faurecia Automotive FC6050W. Un de... • https://www.marvell.com/documents/ioaj5dntk2ubykssa78s • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2019-13581
https://notcve.org/view.php?id=CVE-2019-13581
15 Nov 2019 — An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary code via malformed Wi-Fi packets. Se descubrió un problema en el firmware de Marvell 88W8688 Wi-Fi versiones anteriores a p52, como es usado en los vehículos Tesla Model S/X fabricados antes de marzo de 2018, por... • https://keenlab.tencent.com/en/2020/01/02/exploiting-wifi-stack-on-tesla-model-s • CWE-787: Out-of-bounds Write •
CVSS: 4.6EPSS: 0%CPEs: 38EXPL: 0CVE-2019-10637
https://notcve.org/view.php?id=CVE-2019-10637
05 Jun 2019 — Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices are vulnerable in manipulating a combination of IO pins to bypass the secure boot protection mechanism. Los dispositivos Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88S... • https://www.marvell.com/documents/x9g4hrszt5ls3udbe1eo •
CVSS: 4.9EPSS: 0%CPEs: 38EXPL: 0CVE-2019-10636
https://notcve.org/view.php?id=CVE-2019-10636
04 Jun 2019 — Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices allow reprogramming flash memory to bypass the secure boot protection mechanism. SSD Marvell Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 8... • https://www.marvell.com/documents/x9g4hrszt5ls3udbe1eo • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 3%CPEs: 10EXPL: 2CVE-2019-6496
https://notcve.org/view.php?id=CVE-2019-6496
19 Jan 2019 — The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of the host application processor in some cases, but this depends on several factors including host OS hardening and the availability of DMA. El firmware bas... • http://www.securityfocus.com/bid/106865 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-5738
https://notcve.org/view.php?id=CVE-2015-5738
26 Jul 2016 — The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. La implementación de RSA-CRT en Cavium Software Development Kit (SDK) 2.x cuando es utilizada en Hardware OCTEON II CN6xxx en Linux para soporte TLS con Perfect Forward Secrecy (PFS), facilita a atacantes remotos obtener claves... • http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5475
https://notcve.org/view.php?id=CVE-2007-5475
12 Nov 2009 — Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements. Múltiples desbordamientos de búfer en el driver inalámbrico Marvell, tal como se ... • http://secunia.com/advisories/37345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •