Lucene search
K

183 matches found

NVD
NVD
added 2024/06/11 5:15 a.m.17 views

CVE-2024-36360

OS command injection vulnerability exists in awkblog v0.0.1 commit hash:7b761b192d0e0dc3eef0f30630e00ece01c8d552 and earlier. If a remote unauthenticated attacker sends a specially crafted HTTP request, an arbitrary OS command may be executed with the privileges of the affected product on the...

9.8CVSS0.01571EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/05/30 12:0 a.m.15 views

JVN#80506242: awkblog vulnerable to OS command injection

awkblog provided by Keisuke Nakayama contains an OS command injection vulnerability CWE-78. Impact If a remote unauthenticated attacker sends a specially crafted HTTP request, an arbitrary OS command may be executed with the privileges of the affected product on the machine running the product...

9.8CVSS9.7AI score0.01571EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/04/15 12:0 a.m.44 views

JVN#58236836: Multiple vulnerabilities in BUFFALO wireless LAN routers

Multiple wireless LAN routers provided by BUFFALO INC. contain multiple vulnerabilities listed below. Plaintext storage of a password CWE-256 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-23486 OS Command Injection CWE-78 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base...

9.8CVSS6.7AI score0.00561EPSS
Exploits0
NVD
NVD
added 2024/03/28 1:15 a.m.13 views

CVE-2024-28008

Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N,...

9.8CVSS7.1AI score0.00624EPSS
Exploits0References2
NVD
NVD
added 2024/03/28 1:15 a.m.21 views

CVE-2024-28011

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP,...

9.8CVSS7.1AI score0.00624EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/28 12:56 a.m.19 views

CVE-2024-28015

Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2,...

7.4AI score0.00674EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/28 12:54 a.m.23 views

CVE-2024-28011

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP,...

7.3AI score0.00624EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/28 12:54 a.m.10 views

CVE-2024-28011

Hidden Functionality vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP,...

7.4AI score0.00624EPSS
Exploits0References1
CVE
CVE
added 2024/03/28 12:54 a.m.85 views

CVE-2024-28010

CVE-2024-28010 affects NEC Aterm series devices (e.g., WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, etc.). Root cause: use of hard-coded passwords in the device firmware, enabling an unauthenticated or weak-credential scenario that could permit an attacker to execute arbitrary OS comman...

9.8CVSS7.3AI score0.00577EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/28 12:54 a.m.15 views

CVE-2024-28010

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP,...

7.4AI score0.00577EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/28 12:54 a.m.19 views

CVE-2024-28010

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP,...

7.3AI score0.00577EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/28 12:52 a.m.9 views

CVE-2024-28008

Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N,...

7.7AI score0.00624EPSS
Exploits0References1
CVE
CVE
added 2024/03/28 12:52 a.m.73 views

CVE-2024-28008

CVE-2024-28008 affects NEC Aterm routers (multiple models listed, incl. WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, etc.). Root cause: Active Debug Code in the device allows an attacker to execute arbitrary OS commands via the internet. Impact: unauthenticated remote command execution with high r...

9.8CVSS7.3AI score0.00624EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/28 12:52 a.m.15 views

CVE-2024-28008

Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N,...

7.3AI score0.00624EPSS
Exploits0References1
NVD
NVD
added 2024/03/26 10:15 a.m.34 views

CVE-2024-28033

OS command injection vulnerability exists in WebProxy 1.7.8 and 1.7.9, which may allow a remote unauthenticated attacker to execute an arbitrary OS command with the privilege of the running web server. Note that the developer was unreachable, therefore, users should consider stop using WebProxy...

7.3CVSS7.6AI score0.01019EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/26 9:37 a.m.19 views

CVE-2024-28048

OS command injection vulnerability exists in ffBull ver.4.11, which may allow a remote unauthenticated attacker to execute an arbitrary OS command with the privilege of the running web server. Note that the developer was unreachable, therefore, users should consider stop using ffBull ver.4.11...

7.8AI score0.01284EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/26 9:37 a.m.13 views

CVE-2024-28048

OS command injection vulnerability exists in ffBull ver.4.11, which may allow a remote unauthenticated attacker to execute an arbitrary OS command with the privilege of the running web server. Note that the developer was unreachable, therefore, users should consider stop using ffBull ver.4.11...

7.6AI score0.01284EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/03/25 12:0 a.m.22 views

JVN#17176449: ffBull vulnerable to OS command injection

ffBull according to the original report submitted by the reporter provided by Fortunefield is a bulletin board system BBS. ffBull contains an OS command injection vulnerability CWE-78. Impact A remote unauthenticated attacker may execute an arbitrary OS command with the privilege of the running w...

9.8CVSS9.9AI score0.01284EPSS
Exploits0
GithubExploit
GithubExploit
added 2024/03/15 12:3 p.m.463 views

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

CVE-2023-43208 - Mirth Connect Remote Code Execution RCE Exp...

9.8CVSS10AI score0.97106EPSS
Exploits22
NVD
NVD
added 2024/02/14 11:15 a.m.13 views

CVE-2024-23789

Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command on the affected product...

9.8CVSS7.2AI score0.01176EPSS
Exploits0References3
Rows per page
Query Builder