Firmware Security Vulnerabilities

CVE-2023-43742

An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to obtain an administrative session via a protection mechanism failure in the authentication function......

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-12-08 01:15 AM
6

CVE-2023-43743

A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an authenticated attacker to execute arbitrary SQL queries on the backend database via the filter parameter in requests to the....

8.8 CVSS

8.9 AI Score

0.001 EPSS

2023-12-08 01:15 AM
16

CVE-2023-43744

An OS command injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an administrator to execute arbitrary OS commands via a file name parameter in a patch application function. The...

7.2 CVSS

7.5 AI Score

0.001 EPSS

2023-12-08 01:15 AM
4

CVE-2023-6580

A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqos_express_devices/smartqos_normal_devices leads to deserialization. It is possible....

8.8 CVSS

8.6 AI Score

0.001 EPSS

2023-12-07 10:15 PM
15

CVE-2023-6581

A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used....

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 10:15 PM
15

CVE-2023-6576

A vulnerability was found in Byzoro S210 up to 20231123. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php of the component HTTP POST Request Handler. The manipulation of the argument file_upload leads to unrestricted upload. The attack can.....

8.8 CVSS

8.7 AI Score

0.001 EPSS

2023-12-07 09:15 PM
33

CVE-2023-6577

A vulnerability was found in Byzoro PatrolFlow 2530Pro up to 20231126. It has been rated as problematic. This issue affects some unknown processing of the file /log/mailsendview.php. The manipulation of the argument file with the input /boot/phpConfig/tb_admin.txt leads to path traversal. The...

4.3 CVSS

4.7 AI Score

0.001 EPSS

2023-12-07 09:15 PM
28

CVE-2023-6575

A vulnerability was found in Byzoro S210 up to 20231121. It has been classified as critical. This affects an unknown part of the file /Tool/repair.php of the component HTTP POST Request Handler. The manipulation of the argument txt leads to sql injection. It is possible to initiate the attack...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2023-12-07 08:15 PM
32

CVE-2023-6574

A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php of the component HTTP POST Request Handler. The manipulation of the argument 1_file_upload leads to unrestricted upload.....

8.8 CVSS

8.6 AI Score

0.001 EPSS

2023-12-07 08:15 PM
33

CVE-2023-4486

Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause...

7.5 CVSS

7.6 AI Score

0.0005 EPSS

2023-12-07 08:15 PM
15

CVE-2023-49405

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 06:15 PM
11

CVE-2023-6333

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's...

7.5 CVSS

5.3 AI Score

0.0004 EPSS

2023-12-07 06:15 PM
14

CVE-2023-49404

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 06:15 PM
14

CVE-2023-49406

Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function...

9.8 CVSS

9.6 AI Score

0.002 EPSS

2023-12-07 06:15 PM
9

CVE-2023-49411

Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-12-07 06:15 PM
10

CVE-2023-49408

Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function...

9.8 CVSS

9.7 AI Score

0.001 EPSS

2023-12-07 06:15 PM
12

CVE-2023-49409

Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function...

9.8 CVSS

9.6 AI Score

0.002 EPSS

2023-12-07 06:15 PM
16

CVE-2023-33412

The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request...

8.8 CVSS

8.5 AI Score

0.001 EPSS

2023-12-07 06:15 PM
14

CVE-2023-33413

The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary...

8.8 CVSS

8.6 AI Score

0.001 EPSS

2023-12-07 06:15 PM
11

CVE-2023-33411

A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2023-12-07 06:15 PM
9

CVE-2023-50002

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 05:15 PM
12

CVE-2023-50001

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 05:15 PM
13

CVE-2023-50000

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 05:15 PM
13

CVE-2023-49402

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 05:15 PM
15

CVE-2023-49410

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 05:15 PM
13

CVE-2023-49403

Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-12-07 05:15 PM
13

CVE-2023-49999

Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-12-07 05:15 PM
15

CVE-2023-49430

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-12-07 04:15 PM
14

CVE-2023-49431

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at...

9.8 CVSS

9.7 AI Score

0.007 EPSS

2023-12-07 04:15 PM
12

CVE-2023-49435

Tenda AX9 V22.03.01.46 is vulnerable to command...

9.8 CVSS

9.6 AI Score

0.007 EPSS

2023-12-07 04:15 PM
12

CVE-2023-49436

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at...

9.8 CVSS

9.7 AI Score

0.007 EPSS

2023-12-07 04:15 PM
14

CVE-2023-49432

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'deviceList' parameter at...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-12-07 04:15 PM
10

CVE-2023-49433

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-12-07 04:15 PM
11

CVE-2023-49434

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-12-07 04:15 PM
11

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at...

9.8 CVSS

9.8 AI Score

0.002 EPSS

2023-12-07 04:15 PM
11

CVE-2023-49437

Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at...

9.8 CVSS

9.7 AI Score

0.007 EPSS

2023-12-07 03:15 PM
10

CVE-2023-49426

Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 03:15 PM
13

CVE-2023-49428

Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at...

9.8 CVSS

9.7 AI Score

0.007 EPSS

2023-12-07 03:15 PM
10

CVE-2023-49425

Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 03:15 PM
9

CVE-2023-39171

SENEC Storage Box V1, V2 and V3 accidentally expose a management UI accessible with publicly known admin...

7.2 CVSS

6.9 AI Score

0.001 EPSS

2023-12-07 03:15 PM
9

CVE-2023-39169

The affected devices use publicly available default credentials with administrative...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-12-07 03:15 PM
13

CVE-2023-49424

Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2023-12-07 02:15 PM
10

CVE-2023-39167

In SENEC Storage Box V1, V2 and V3, an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive...

7.5 CVSS

7.5 AI Score

0.002 EPSS

2023-12-07 02:15 PM
7

CVE-2023-39172

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network...

9.1 CVSS

8.9 AI Score

0.001 EPSS

2023-12-07 02:15 PM
4

CVE-2023-48860

TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary...

9.8 CVSS

9.6 AI Score

0.003 EPSS

2023-12-07 08:15 AM
10

CVE-2023-49225

A cross-site scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the product. As for the affected products/models/versions,...

6.1 CVSS

6.3 AI Score

0.0005 EPSS

2023-12-07 07:15 AM
20

CVE-2023-46916

Maxima Max Pro Power 1.0 486A devices allow BLE traffic replay. An attacker can use GATT characteristic handle 0x0012 to perform potentially disruptive actions such as starting a Heart Rate...

4.3 CVSS

4.6 AI Score

0.001 EPSS

2023-12-07 06:15 AM
13

CVE-2023-48859

TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary...

8.8 CVSS

8.9 AI Score

0.001 EPSS

2023-12-06 03:15 PM
5

CVE-2023-6514

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.

8.8 CVSS

8.7 AI Score

0.001 EPSS

2023-12-06 09:15 AM
22

CVE-2023-48849

Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-12-06 08:15 AM
23

Total number of security vulnerabilities: 18922