Lucene search
+L

7 matches found

0day.today
0day.today
added 2024/06/02 12:0 a.m.184 views

ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities

------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage| https://oringnet.com/ found| 2024-01-19 by| T. Weber...

8.7CVSS6.7AI score0.234EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/05/30 12:0 a.m.273 views

ORing IAP-420 2.01e Cross Site Scripting / Command Injection

CyberDanube Security Research 20240528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version| - CVE number| CVE-2024-5410, CVE-2024-5411 impact| High homepage|...

7.2AI score0.234EPSS
Exploits4
Circl
Circl
added 2024/05/28 1:37 p.m.8 views

CVE-2024-5411

creationtimestamp| type| source ---|---|--- 2024-05-28 13:37:59+00:00| seen| https://t.me/HackingInsights/1004 2025-02-13 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-15...

8.8CVSS4.8AI score0.234EPSS
Exploits3References2
NVD
NVD
added 2024/05/28 11:15 a.m.19 views

CVE-2024-5411

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...

8.8CVSS6.6AI score0.234EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/05/28 10:28 a.m.40 views

CVE-2024-5411 Command Injection

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...

8.7CVSS6.6AI score0.234EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2024/05/28 10:28 a.m.20 views

CVE-2024-5411 Command Injection

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...

8.7CVSS6.9AI score0.234EPSS
Exploits3References2
CVE
CVE
added 2024/05/28 10:28 a.m.27 views

CVE-2024-5411

Summary: CVE-2024-5411 affects ORing IAP-420 web interface (version 2.01e and earlier). The root cause is missing input validation and OS command integration of user input, enabling authenticated command injection and potentially full device compromise. Exploitation requires authentication to the...

8.8CVSS6.8AI score0.234EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder