CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

RedhatCVE•added 2026/01/09 9:54 a.m.•4 views

CVE-2020-10248

BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to valusers.php3...

7.5CVSS7.2AI score0.00542EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:51 a.m.•2 views

CVE-2020-10250

BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...

10CVSS8.1AI score0.03253EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-2704

Malware in sbrugna...

5.3CVSS5.6AI score0.00356EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-2705

Malware in sbrugna...

10CVSS9.2AI score0.03253EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-2703

Malware in sbrugna...

7.5CVSS7.5AI score0.00542EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 4:5 p.m.•3 views

CVE-2020-10249

BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...

5.3CVSS7AI score0.00356EPSS

Exploits1References1

CNVD•added 2020/03/10 12:0 a.m.•1 views

BWA DiREX-Pro Path Disclosure Vulnerability

BWA Technology DiREX-Pro is a network video recorder from BWA Technology, Germany. A security vulnerability exists in BWA Technology DiREX-Pro version 1.2181. An attacker can exploit the vulnerability by sending an invalid 'name' parameter to the valsoft.php3 file to obtain the full path...

5.3CVSS6.8AI score0.00356EPSS

Exploits1References1

CNVD•added 2020/03/10 12:0 a.m.•1 views

BWA DiREX-Pro Remote Code Execution Vulnerability

BWA Technology DiREX-Pro is a network video recorder from BWA Technology, Germany. A security vulnerability exists in BWA Technology DiREX-Pro version 1.2181. The vulnerability can be exploited by a remote attacker to execute arbitrary operating system commands by sending the 'PKG' parameter with...

10CVSS7.6AI score0.03253EPSS

Exploits1References1

CNVD•added 2020/03/10 12:0 a.m.•1 views

BWA DiREX-Pro Password Disclosure Vulnerability

The BWA DiREX-Pro is a digital video recorder. A password disclosure vulnerability exists in BWA DiREX-Pro 1.2181. A remote attacker can exploit this vulnerability by directly requesting valusers.php3 to obtain a password...

7.5CVSS6.9AI score0.00542EPSS

Exploits1References1

OSV•added 2020/03/09 7:15 p.m.•0 views

CVE-2020-10248

BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to valusers.php3...

7.5CVSS7.2AI score

Exploits0References1

NVD•added 2020/03/09 7:15 p.m.•8 views

CVE-2020-10250

BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...

10CVSS9.9AI score0.03253EPSS

Exploits1References1

OSV•added 2020/03/09 7:15 p.m.•0 views

CVE-2020-10250

BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...

9.8CVSS7.6AI score

Exploits0References1

NVD•added 2020/03/09 7:15 p.m.•10 views

CVE-2020-10249

BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...

5.3CVSS5.3AI score0.00356EPSS

Exploits1References1

OSV•added 2020/03/09 7:15 p.m.•2 views

CVE-2020-10249

BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...

5.3CVSS6.1AI score0.00356EPSS

Exploits1References1

NVD•added 2020/03/09 7:15 p.m.•9 views

CVE-2020-10248

BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to valusers.php3...

7.5CVSS7.6AI score0.00542EPSS

Exploits1References1

Prion•added 2020/03/09 7:15 p.m.•10 views

Design/Logic Flaw

BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...

10CVSS9.8AI score0.03253EPSS

Exploits1References1Affected Software1

Prion•added 2020/03/09 7:15 p.m.•6 views

Path traversal

BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...

5CVSS5.4AI score0.00356EPSS

Exploits1References1Affected Software1

Prion•added 2020/03/09 7:15 p.m.•9 views

Design/Logic Flaw

BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to valusers.php3...

5CVSS7.6AI score0.00542EPSS

Exploits1References1Affected Software1

CVE•added 2020/03/09 6:56 p.m.•62 views

CVE-2020-10248

CVE-2020-10248 affects BWA DiREX-Pro 1.2181 devices. Multiple connected sources (Red Hat, CNVD, CVE lists) describe a vulnerability where a remote attacker can disclose passwords by issuing a direct request to val_users.php3. The fixed/software patch status or remediation steps are not detailed i...

7.5CVSS7.5AI score0.00542EPSS

Exploits1References1Affected Software1