Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-30706

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.26288EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:52 a.m.4 views

CVE-2024-32937

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...

9.8CVSS7.9AI score0.26288EPSS
Exploits1References1
NVD
NVD
added 2024/07/03 2:15 p.m.31 views

CVE-2024-32937

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...

9.8CVSS0.26288EPSS
Exploits1References2
OSV
OSV
added 2024/07/03 2:15 p.m.3 views

CVE-2024-32937

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...

9.8CVSS5.9AI score0.26288EPSS
Exploits1References2
CVE
CVE
added 2024/07/03 2:5 p.m.64 views

CVE-2024-32937

Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection (CVE-2024-32937) affects GXP2135 devices (firmware 1.0.9.129, 1.0.11.74, 1.0.11.79). The vulnerability stems from an unfiltered TimeZone parameter processed in the CWMP handler (set_selfdefinedtimezone_value) which builds and execu...

9.8CVSS7.6AI score0.26288EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/03 2:5 p.m.30 views

CVE-2024-32937

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...

8.1CVSS7.8AI score0.26288EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/03 2:5 p.m.24 views

CVE-2024-32937

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...

8.1CVSS0.26288EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/07/03 12:0 a.m.5 views

Grandstream GXP2135 Operating System Command Injection Vulnerability

The Grandstream GXP2135 is an enterprise-grade color screen IP phone from Grandstream. An operating system command injection vulnerability exists in the Grandstream GXP2135 versions 1.0.9.129, 1.0.11.74, and 1.0.11.79, which originates from specially crafted network packets that can lead to...

9.8CVSS7.8AI score0.26288EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/03 12:0 a.m.5 views

PT-2024-24989 · Grandstream · Grandstream Gxp2135

Name of the Vulnerable Software and Affected Versions: Grandstream GXP2135 versions 1.0.9.129 through 1.0.11.79 Description: An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality. A specially crafted network packet can lead to arbitrary command execution. An...

8.1CVSS7.7AI score0.26288EPSS
Exploits1References6
Talos
Talos
added 2024/07/03 12:0 a.m.35 views

Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability

Talos Vulnerability Report TALOS-2024-1978 Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability July 3, 2024 CVE Number CVE-2024-32937 SUMMARY An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129,...

9.8CVSS8.7AI score0.26288EPSS
Exploits1
Rows per page
Query Builder