Lucene search
+L

28 matches found

CVE
CVE
added yesterday4 views

CVE-2024-32385

CVE-2024-32385 affects Kerlink Wirnet iStation 868 running KerOS v.4.3.3_20200803132042. The issue allows a remote attacker to obtain sensitive information via boardID and revisionID components, implying information disclosure. CVSSv3.1 base score 4.3 (MEDIUM), attack vector: adjacent, no privile...

4.3CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2024-32386

CVE-2024-32386 affects Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042, with a directory traversal vulnerability that allows an adjacent attacker to obtain sensitive information through the SNMP update mechanism. The CVSSv3.1 base score is 7.3 (HIGH) with attack vector ADJACENT, low atta...

7.3CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2024-32387

Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 is affected by CVE-2024-32387. The issue allows a remote attacker to obtain sensitive information through the community string component. No additional technical details, root cause, affected subcomponents, or remediation steps are provided...

5.7CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2024-32389

Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 exposes a Buffer Overflow in the update URLs component, allowing a remote attacker to obtain sensitive information. This CVE (CVE-2024-32389) has a CVSS v3.1 base score of 3.5 (LOW) with an adjacent attack vector, low confidentiality impact...

3.5CVSS6.1AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.11 views

CVE-2024-32388

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS6.8AI score0.01453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.15 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

7.4CVSS6.8AI score0.0015EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/01 6:30 p.m.6 views

EUVD-2024-30202

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

6.8CVSS6.2AI score0.0015EPSS
Exploits0References3
NVD
NVD
added 2025/12/01 4:15 p.m.6 views

CVE-2024-32388

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS0.01453EPSS
Exploits0References2
OSV
OSV
added 2025/12/01 4:15 p.m.3 views

CVE-2024-32388

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS5.8AI score0.01453EPSS
Exploits0References2
OSV
OSV
added 2025/12/01 4:15 p.m.4 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

7.4CVSS5.8AI score0.0015EPSS
Exploits0References2
NVD
NVD
added 2025/12/01 4:15 p.m.8 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

7.4CVSS0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.15 views

Kerlink KerOS 安全漏洞

Kerlink KerOS is an operating system from the French company Kerlink. A security vulnerability exists in Kerlink KerOS versions prior to 5.12 that stems from the wmp-agent service not properly validating magic URLs, which could allow an unauthenticated remote attacker to execute arbitrary OS...

8.1CVSS7.6AI score0.00452EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.3 views

CVE-2024-32388

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS6.4AI score0.01453EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/01 12:0 a.m.5 views

EUVD-2024-30206

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS6.3AI score0.01453EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/01 12:0 a.m.8 views

CVE-2024-32388

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS0.01453EPSS
Exploits0References2
CVE
CVE
added 2025/12/01 12:0 a.m.15 views

CVE-2024-32388

CVE-2024-32388 affects Kerlink KerOS prior to 5.12. The root cause is a firewall misconfiguration that causes devices to incorrectly accept specially crafted UDP packets, enabling an attacker to bypass the firewall and access UDP-based services that would otherwise be protected. The connected doc...

5.3CVSS6.4AI score0.01453EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.6 views

Kerlink KerOS 安全漏洞

Kerlink KerOS is an operating system from the French company Kerlink. A security vulnerability exists in Kerlink KerOS versions prior to 5.10, which stems from exposing the web interface over HTTP only and does not support HTTPS, which could lead to a man-in-the-middle attack...

7.4CVSS6.5AI score0.0015EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.5 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

6.8CVSS6.4AI score0.0015EPSS
Exploits0References2
CVE
CVE
added 2025/12/01 12:0 a.m.13 views

CVE-2024-32384

Kerlink KerOS gateways before version 5.10 expose the web interface only over HTTP, with no HTTPS support. This transport security gap enables a man‑in‑the‑middle attacker to intercept/modify traffic between clients and devices. Affected product: Kerlink gateways running KerOS pre‑5.10. Root caus...

7.4CVSS6.4AI score0.0015EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.5 views

PT-2025-48466

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS6.8AI score0.01453EPSS
Exploits0References3
Rows per page
Query Builder