16 results (0.001 seconds)

CVSS: 10.0EPSS: 97%CPEs: 139EXPL: 43

CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticiones especialmente diseñadas, conocida como 'Remote Desktop Services Remote Code Execution Vulnerability'. The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. With a controllable data/size remote nonpaged pool spray, an indirect call gadget of the freed channel is used to achieve arbitrary code execution. Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. • https://www.exploit-db.com/exploits/47120 https://www.exploit-db.com/exploits/46946 https://www.exploit-db.com/exploits/47416 https://www.exploit-db.com/exploits/47683 https://github.com/k8gege/CVE-2019-0708 https://github.com/n1xbyte/CVE-2019-0708 https://github.com/victor0013/CVE-2019-0708 https://github.com/cbwang505/CVE-2019-0708-EXP-Windows https://github.com/Leoid/CVE-2019-0708 https://github.com/p0p0p0/CVE-2019-0708-exploit https://github.com/worawit • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 40EXPL: 0

CVE-2018-7943

https://notcve.org/view.php?id=CVE-2018-7943

There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege. Hay una vulnerabilidad de omisión de autenticación en algunos servidores Huawei. Un atacante remoto con pocos privilegios podría omitir la autenticación por medio de algunas operaciones especiales. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-server-en • CWE-287: Improper Authentication •

CVSS: 9.0EPSS: 0%CPEs: 40EXPL: 0

CVE-2018-7951

https://notcve.org/view.php?id=CVE-2018-7951

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system. iBMC (Intelligent Baseboard Management Controller) en algunos servidores Huawei tiene una vulnerabilidad de inyección JSON debido a una validación de entradas insuficiente. Un atacante remoto autenticado puede desencadenar una inyección JSON para modificar la contraseña del administrador. Su explotación con éxito podría permitir que atacantes obtengan el privilegio de gestión del sistema. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-02-server-en • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.0EPSS: 0%CPEs: 40EXPL: 0

CVE-2018-7950

https://notcve.org/view.php?id=CVE-2018-7950

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system. iBMC (Intelligent Baseboard Management Controller) en algunos servidores Huawei tiene una vulnerabilidad de inyección JSON debido a una validación de entradas insuficiente. Un atacante remoto autenticado puede desencadenar una inyección JSON para modificar la contraseña del administrador. Su explotación con éxito podría permitir que atacantes obtengan el privilegio de gestión del sistema. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-02-server-en • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 0%CPEs: 40EXPL: 0

CVE-2018-7949

https://notcve.org/view.php?id=CVE-2018-7949

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users to get or modify passwords of highly privileged users. iBMC (Intelligent Baseboard Management Controller) en algunos servidores Huawei tiene una vulnerabilidad de escalado de privilegios. Un atacante remoto no autenticado podría enviar algunos mensajes de inicio de sesión especialmente manipulados a los productos afectados. Debido al diseño de autenticación incorrecto, su explotación exitosa permitir que usuarios con bajos privilegios obtengan o modifiquen contraseñas de usuarios con muchos privilegios. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-03-server-en • CWE-287: Improper Authentication •