Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32819

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01793EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32823

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00808EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-32817

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00488EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-32820

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01817EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32818

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0065EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-32821

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01793EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32815

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01259EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32822

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.01213EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.10 views

CVE-2022-28375

Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to...

9.8CVSS7.8AI score0.01793EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.4 views

CVE-2022-28371

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker need only download...

7.5CVSS7.2AI score0.00488EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.6 views

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

7.5CVSS7AI score0.00808EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.9 views

CVE-2022-28374

Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into...

8.8CVSS7.7AI score0.01817EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:4 a.m.8 views

CVE-2022-28376

Verizon 5G Home LVSKIHP outside devices through 2022-02-15 allow anyone knowing the device's serial number to access a CPE admin website, e.g., at the 10.0.0.1 IP address. The password for the verizon username is calculated by concatenating the serial number and the model i.e., the LVSKIHP string...

8.1CVSS7.2AI score0.01213EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.7 views

CVE-2022-28369

Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enablessh sub-operation of the crtcrpc JSON listener found at /lib/functions/wncjsonsh/crtcmode.sh A remote attacker on the local network can provide a malicious URL. The data...

9.8CVSS6.9AI score0.01259EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.7 views

CVE-2022-28373

Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 does not properly sanitize user-controlled parameters within the crtcreadpartition function of the crtcrpc JSON listener in /usr/lib/lua/luci/crtc.lua. A remote attacker on the local network can inject shell metacharacters to achieve remote code...

9.8CVSS7.8AI score0.01793EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.6 views

CVE-2022-28370

On Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 devices, the RPC endpoint crtcfwupgrade provides a means of provisioning a firmware update for the device. /lib/functions/wncjsonsh/wnccrtcfw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed...

7.5CVSS7AI score0.00323EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.5 views

CVE-2022-28372

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtcfwupgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file uplo...

7.5CVSS7.2AI score0.0065EPSS
Exploits1References1
OSV
OSV
added 2022/07/14 1:15 p.m.2 views

CVE-2022-28369

Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enablessh sub-operation of the crtcrpc JSON listener found at /lib/functions/wncjsonsh/crtcmode.sh A remote attacker on the local network can provide a malicious URL. The data...

9.8CVSS5.8AI score0.01259EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.3 views

CVE-2022-28369

Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enablessh sub-operation of the crtcrpc JSON listener found at /lib/functions/wncjsonsh/crtcmode.sh A remote attacker on the local network can provide a malicious URL. The data...

9.8CVSS5.9AI score0.01259EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.3 views

CVE-2022-28371

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker need only download...

7.5CVSS5.9AI score0.00488EPSS
Exploits1References3
Rows per page
Query Builder