Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...
4.9CVSS
4.8AI Score
0.001EPSS
Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an...
4.3CVSS
4.5AI Score
0.001EPSS
Affected products do not properly validate the content of uploaded X509 certificates which could allow an attacker with administrative privileges to execute arbitrary code on the...
7.2CVSS
7.2AI Score
0.001EPSS
Affected devices do not properly validate the length of inputs when performing certain configuration changes in the web interface allowing an authenticated attacker to cause a denial of service condition. The device needs to be restarted for the web interface to become available...
6.5CVSS
4.9AI Score
0.001EPSS
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...
9.8CVSS
9.6AI Score
0.001EPSS
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this...
9.8CVSS
9.6AI Score
0.001EPSS
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...
9.8CVSS
9.6AI Score
0.001EPSS
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...
9.8CVSS
9.6AI Score
0.001EPSS
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this...
9.8CVSS
9.3AI Score
0.001EPSS
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this...
9.8CVSS
9.7AI Score
0.001EPSS
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new....
7.5CVSS
7.6AI Score
0.002EPSS
Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary...
8.3CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.3AI Score
0.002EPSS
8.8CVSS
8.8AI Score
0.002EPSS
8.8CVSS
9.2AI Score
0.002EPSS
7.5CVSS
7.3AI Score
0.001EPSS
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This is due to...
9.8CVSS
9.9AI Score
0.047EPSS
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling...
9.8CVSS
9.9AI Score
0.047EPSS
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpn_html/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated...
6.5CVSS
7.7AI Score
0.001EPSS
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length...
5.3CVSS
5.5AI Score
0.001EPSS
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for...
9.8CVSS
6.9AI Score
0.001EPSS
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...
6.5CVSS
6.6AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.8CVSS
8.2AI Score
0.001EPSS
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by...
7.5CVSS
7.5AI Score
0.001EPSS
7.4CVSS
6.3AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS
7.5CVSS
7.2AI Score
0.001EPSS
7.5CVSS
7.7AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.008EPSS
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS...
6.1CVSS
5.9AI Score
0.001EPSS
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host...
6.5CVSS
7AI Score
0.001EPSS
8.1CVSS
7.8AI Score
0.001EPSS
8.1CVSS
8.2AI Score
0.001EPSS
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive information about the configured databases via the "/file"...
5.3CVSS
5.2AI Score
0.082EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.002EPSS
7.8CVSS
8.7AI Score
0.002EPSS
7.8CVSS
8.2AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
7.5CVSS
7.7AI Score
0.001EPSS
7.3CVSS
7.5AI Score
0.002EPSS
6.5CVSS
6.8AI Score
0.001EPSS
7.3CVSS
7.4AI Score
0.001EPSS
7.3CVSS
7.7AI Score
0.001EPSS