Lucene search
K

5 matches found

NVD
NVD
added 2024/09/18 2:15 p.m.18 views

CVE-2024-8891

An attacker with no knowledge of the current users in the web application, could build a dictionary of potential users and check the server responses as it indicates whether or not the user is present in CIRCUTOR Q-SMT in its firmware version 1.0.4...

5.3CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2024/09/18 1:10 p.m.45 views

CVE-2024-8891

CVE-2024-8891 applies to CIRCUTOR Q-SMT, firmware 1.0.4. The vulnerability allows an attacker with no knowledge of current users to enumerate potential users by observing server responses, revealing whether a user exists. This is a user enumeration/ private information exposure issue affecting th...

5.3CVSS5.3AI score0.00312EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/18 1:3 p.m.32 views

CVE-2024-8890 Insertion of Sensitive Information Into Sent Data vulnerability on CIRCUTOR Q-SMT

An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure communication channel from being establish...

8CVSS0.00391EPSS
Exploits0References1
NVD
NVD
added 2024/09/18 11:15 a.m.21 views

CVE-2024-8887

CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service DoS attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow...

10CVSS0.00558EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/18 11:5 a.m.15 views

CVE-2024-8887 Authentication bypass vulnerability on CIRCUTOR Q-SMT

CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service DoS attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow...

10CVSS9.3AI score0.00558EPSS
Exploits0References1
Rows per page
Query Builder