Latest Security News about improper access control

Contact US For API Security>

Improper access control checks for Nextcloud Server

Overview : A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received. Affected Product(s) : Nextcloud Server 14.0.3 Vulnerability Details : CVE ID : CVE-2020-8122 Risk level:Low CVSS v3 Base Score:4.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) CWE:Improper Access Control – Generic (CWE-284) Solution : It is recommended […]

Contact US For API Security>

Buffer Overflow vulnerability in Advantech WebAccess

Overview : In WebAccess versions 8.4.1 and prior, multiple stack based buffer overflow vulnerabilities are detected by a lack of proper validation of the length of user given data. Exploitation of these vulnerabilities will allow remote code execution. Affected Product(s) : WebAccess versions 8.4.1 Vulnerability Details : Code Injection, Command Injection, Stack-based Buffer Overflow, Improper […]

Contact US For API Security>

Moxa EDR 810 Series vulnerabilities

Overview : Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s) : EDR-810: All versions 5.1 and prior Vulnerability Details : CVE ID : CVE-2019-10963 Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may […]