Lucene search
K

8 matches found

EUVD
EUVD
added 2026/06/13 12:34 a.m.17 views

EUVD-2026-36620

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.7CVSS5.2AI score0.00102EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 10:16 p.m.17 views

CVE-2026-53832

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.7CVSS0.00102EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 9:56 p.m.32 views

CVE-2026-53832 OpenClaw < 2026.5.18 - Identity Header Forgery via Trusted-Proxy Configuration

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

7.7CVSS0.00102EPSS
Exploits0References2
CVE
CVE
added 2026/03/05 9:59 p.m.22 views

CVE-2026-28450

OpenClaw, versions prior to 2026.2.12 with the optional Nostr plugin enabled, expose unauthenticated HTTP endpoints at /api/channels/nostr/:accountId/profile and /api/channels/nostr/:accountId/profile/import. These allow reading and modifying Nostr profiles without gateway authentication, potenti...

8.3CVSS5.9AI score0.0034EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/03/01 10:15 p.m.2 views

CVE-2024-1869

Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway GGW over port 9220...

7.5CVSS5.8AI score0.02328EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/29 12:0 a.m.4 views

PT-2024-1954 · Hewlett Packard · Hp Designjet

Name of the Vulnerable Software and Affected Versions: HP DesignJet print products affected versions not specified Description: The issue is related to information disclosure when accessing memory out-of-bounds using the general-purpose gateway GGW over port 9220. This could allow a remote attack...

7.8CVSS7.7AI score0.02328EPSS
Exploits0References5
OSV
OSV
added 2022/10/31 8:15 p.m.4 views

CVE-2022-38142

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization...

9.8CVSS6.1AI score0.18212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.7 views

PT-2022-24234 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue concerns the deserialization of user-supplied data provided through the Device-Gateway service port without proper verification. An attacker could...

9.8CVSS9.7AI score0.18212EPSS
Exploits0References3
Rows per page
Query Builder