35 matches found
EUVD-2024-19488
Malicious code in bioql PyPI...
EUVD-2024-19491
Malicious code in bioql PyPI...
EUVD-2024-19490
Malicious code in bioql PyPI...
EUVD-2024-19487
Malicious code in bioql PyPI...
EUVD-2024-19489
Malicious code in bioql PyPI...
CVE-2024-21878
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Enphase IQ Gateway formerly known as Envoy allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currentl...
CVE-2024-21878
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Enphase IQ Gateway formerly known as Envoy allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currentl...
CVE-2024-21879
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Envoy allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21880
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Enphase allows OS Command Injection.This issue affects Envoy: 4.x = 7.x...
CVE-2024-21879
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Envoy allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21880
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability via the url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Enphase allows OS Command Injection.This issue affects Envoy: 4.x = 7.x...
CVE-2024-21876
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability via a URL parameter in Enphase IQ Gateway formerly known as Envoy allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21876
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability via a URL parameter in Enphase IQ Gateway formerly known as Envoy allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21877
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability through a url parameter in Enphase IQ Gateway formerly known as Envoy allows File Manipulation. The endpoint requires authentication.This issue affects Envoy: from 4.x to 8.0 and 8.2.4225...
CVE-2024-21876 Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability via a URL parameter in Enphase IQ Gateway formerly known as Envoy allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21876
CVE-2024-21876 affects Enphase IQ Gateway (formerly Envoy). A path traversal vulnerability allows an unauthenticated attacker to access or create arbitrary files via a URL parameter. Affects Envoy versions 4.x–8.x and
CVE-2024-21876 Unauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability via a URL parameter in Enphase IQ Gateway formerly known as Envoy allows an unautheticated attacker to access or create arbitratry files.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...
CVE-2024-21877 Insecure File Generation Based on User Input in Enphase IQ Gateway version 4.x to 8.x and < 8.2.4225
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability through a url parameter in Enphase IQ Gateway formerly known as Envoy allows File Manipulation. The endpoint requires authentication.This issue affects Envoy: from 4.x to 8.0 and 8.2.4225...
CVE-2024-21879
Enphase IQ Gateway (Envoy) is affected by CVE-2024-21879, a Command Injection vulnerability exploitable via a URL parameter on an authenticated endpoint. Affected versions are 4.x through 8.x and any version before 8.2.4225. The root cause is improper neutralization of special elements in the URL...
CVE-2024-21879 URL parameter manipulations allows an authenticated attacker to execute arbitrary OS commands in Enphase IQ Gateway v4.x to v8.x and < v8.2.4225
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability through an url parameter of an authenticated enpoint in Enphase IQ Gateway formerly known as Envoy allows OS Command Injection.This issue affects Envoy: from 4.x to 8.x and 8.2.4225...