8.7
CVE-2020-36896 - QiHang Media Web Digital Signage 3.0.9 Cleartext Credentials Disclosure
QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows unauthenticated attackers to access administrative login information through an unprotected XML file. Attackers can retrieve hardcoded admin credentials by requesting the '/xml/User/User.xml' file, enaβ¦
8.7
CVE-2020-36895 - EIBIZ i-Media Server Digital Signage 3.8.0 Unauthenticated Configuration Disclosure
EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure vulnerability that allows remote attackers to access sensitive configuration files via direct object reference. Attackers can retrieve the SiteConfig.properties file through an HTTP GET request, exposingβ¦
9.3
CVE-2020-36894 - Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated User Creation Vulnerability
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through AMF-encoded object manipulation. Attackers can send crafted serialized objects to the /messagebroker/amf endpoint to create administrative uβ¦
8.7
CVE-2020-36893 - Eibiz i-Media Server Digital Signage 3.8.0 Directory Traversal Vulnerability
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that allows unauthenticated remote attackers to access files outside the server's root directory. Attackers can exploit the 'oldfile' GET parameter to view sensitive configuration files like web.xml and system fβ¦
9.3
CVE-2020-36892 - Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated Privilege Escalation
Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the /messagebroker/amf endpoint to elevate privileges and take over user accounts by manipulating roleβ¦
6.9
CVE-2020-36888 - SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration via Login Script
SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login script that allows attackers to identify valid user accounts. Attackers can send crafted login requests with different usernames to distinguish between existing and non-existing accounts by analyzing thβ¦
8.7
CVE-2020-36887 - SpinetiX Fusion Digital Signage 3.4.8 Unauthenticated Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 contains an unauthenticated information disclosure vulnerability in the database backup directory. Attackers can access the /content/files/backups/ endpoint to download sensitive backup files containing user credentials and system information.
6.9
CVE-2020-36886 - SpinetiX Fusion Digital Signage 3.4.8 Cross-Site Request Forgery via User Creation
SpinetiX Fusion Digital Signage 3.4.8 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without proper request validation. Attackers can craft a malicious web page that automatically submits a form to create a new admin user with full sβ¦
9.3
CVE-2020-36885 - Sony IPELA Network Camera 1.82.01 Remote Stack Buffer Overflow via ftpclient.cgi
Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality, potenβ¦
6.9
CVE-2020-36884 - BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF
BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forcingβ¦