CVE-2019-16261

Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware version, fixing this vulnerability, had already been released before this vulnerability report about 12.04.0053.

Publication date: Thu, 12 Sep 2019 20:15:00 +0000

Cyber News related to CVE-2019-16261

CVE-2019-16261 - Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer ...
5 years ago

CVE-2018-16261 - In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. ...
5 years ago

CVE-2020-16261 - Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access. ...
3 years ago

CVE-2017-16261 - Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based ...
2 years ago

CVE-2019-1015 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1016 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0977 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-1009, ...
5 years ago

CVE-2019-1013 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1046 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1050 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1049 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1048 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1047 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1010 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1011 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1012 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-1009 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, ...
5 years ago

CVE-2019-0968 - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0977, CVE-2019-1009, ...
4 years ago

CVE-2019-18299 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18298 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18291 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18292 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18294 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18290 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

CVE-2019-18304 - A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This ...
2 years ago

Latest Cyber News

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 50 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 5 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 5 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 8 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 8 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 8 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 9 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 12 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 14 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 14 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 14 hours ago
CVE-2025-1207 - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 50 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 5 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 5 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 8 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 8 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 8 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 9 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 12 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 14 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 14 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 14 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
CVE-2023-40721 - 1 day ago