CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2023/10/19 12:0 a.m.•2 views

Motorola MTM5000 Formatting String Error Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability exists in the Motorola MTM5000 that stems from a format string vulnerability in the AT+CTGL command in the command handler, which results in a write-anywhere scenario that can be exploited to obtain arbitrary code...

9.6CVSS7.9AI score0.00134EPSS

Exploits0References2

Prion•added 2023/09/18 3:15 a.m.•9 views

Format string

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...

6.5CVSS8.5AI score0.00311EPSS

Cvelist•added 2023/09/18 2:36 a.m.•19 views

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

8.8CVSS8.8AI score0.00311EPSS

Vulnrichment•added 2023/09/18 2:36 a.m.•11 views

CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string

8.8CVSS7AI score0.00311EPSS

CVE•added 2023/09/18 2:36 a.m.•45 views

CVE-2023-41349

CVE-2023-41349 affects ASUS RT-AX88U routers and involves an externally controllable format string vulnerability in the Advanced OpenVPN function. An authenticated remote attacker can exploit an exported OpenVPN configuration to trigger a format string attack, leading to sensitive information lea...

8.8CVSS8.6AI score0.00311EPSS

NVD•added 2023/09/07 8:15 a.m.•15 views

CVE-2023-39238

It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...

7.2CVSS7.1AI score0.04596EPSS

OSV•added 2023/09/07 8:15 a.m.•2 views

CVE-2023-39238

7.2CVSS6AI score

OSV•added 2023/09/07 8:15 a.m.•2 views

CVE-2023-39240

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...

7.2CVSS6AI score

NVD•added 2023/09/07 8:15 a.m.•13 views

CVE-2023-39239

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...

7.2CVSS7.1AI score0.01128EPSS

NVD•added 2023/09/07 8:15 a.m.•12 views

CVE-2023-39240

7.2CVSS7.1AI score0.01128EPSS

OSV•added 2023/09/07 8:15 a.m.•2 views

CVE-2023-39239

7.2CVSS6AI score0.01128EPSS

Prion•added 2023/09/07 8:15 a.m.•25 views

Format string

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perfor...

7.5CVSS9.6AI score0.01128EPSS

Exploits0References1Affected Software3

Prion•added 2023/09/07 8:15 a.m.•21 views

Format string

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote...

7.5CVSS9.6AI score0.01128EPSS

Exploits0References1Affected Software3

Prion•added 2023/09/07 8:15 a.m.•29 views

Format string

It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code...

7.5CVSS9.6AI score0.04596EPSS

Exploits0References1Affected Software3

Cvelist•added 2023/09/07 7:25 a.m.•17 views

CVE-2023-39240 ASUS RT-AX55、RT-AX56U_V2 - Format String - 3

Vulnrichment•added 2023/09/07 7:25 a.m.•9 views

CVE-2023-39240 ASUS RT-AX55、RT-AX56U_V2 - Format String - 3

7.2CVSS7.5AI score0.01128EPSS

CVE•added 2023/09/07 7:25 a.m.•2524 views

CVE-2023-39240

CVE-2023-39240 affects ASUS RT-AX56U V2: a format string vulnerability in the iperf client API, caused by insufficient validation in set_iperf3_cli.cgi. A remote attacker with administrator privileges could achieve remote code execution or service disruption. Exploitation details are not provided...

CVE•added 2023/09/07 7:18 a.m.•2522 views

CVE-2023-39239

The CVE-2023-39239 entry concerns an authenticated/remote (sources vary on privilege) format string vulnerability in the General function API (apply.cgi) of ASUS RT-AX56U V2. The flaw arises from lack of input validation for a specific value in apply.cgi, enabling remote code execution or disrupt...

Cvelist•added 2023/09/07 7:18 a.m.•12 views

CVE-2023-39239 ASUS RT-AX55、RT-AX56U_V2、RT-AC86U - Format String - 2