Lucene search
K

16831 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:27 a.m.4 views

CVE-2024-12896

A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of the file /webcaps/webCapsConfig of the component Web Interface. The manipulation leads to...

6.9CVSS5.1AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.4 views

CVE-2024-23766

An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. The gateway exposes a web interface on port 80. An unauthenticated GET request to a specific URL triggers the reboot of the Anybus gateway or at least most of its modules. An attacker can use this feature to carry out a denial of...

7.5CVSS6.9AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.4 views

CVE-2024-5560

CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request...

7.5CVSS6.8AI score0.00894EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:17 a.m.3 views

CVE-2024-20405

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are...

6.1CVSS6.1AI score0.00648EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:15 a.m.4 views

CVE-2024-5421

Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below...

8.7CVSS7AI score0.03692EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.4 views

CVE-2024-5410

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting XSS.This issue affects IAP-420 version 2.01e and below...

8.3CVSS6.2AI score0.13165EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.4 views

CVE-2024-5411

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below...

8.7CVSS7AI score0.234EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:4 a.m.4 views

CVE-2024-7214

A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369B20220309 and classified as critical. Affected by this vulnerability is the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to command injection. The attack can be launched remotely. T...

8.8CVSS7.6AI score0.03152EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.4 views

CVE-2024-20257

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r This vulnerability is due to insufficient validation of user input. An attacker...

4.8CVSS6.7AI score0.00289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.5 views

CVE-2024-20392

A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to t...

6.1CVSS6.1AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:19 a.m.5 views

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

6.9CVSS6.8AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:17 a.m.6 views

CVE-2024-10511

CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface when someone on the local network repeatedly requests the /accessdenied URL...

6.3CVSS6.7AI score0.00959EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:17 a.m.3 views

CVE-2024-36442

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...

8.8CVSS6AI score0.00737EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.5 views

CVE-2024-36439

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password...

9.4CVSS5.9AI score0.0088EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.8 views

CVE-2024-36832

A NULL pointer dereference in D-Link DAP-1513 REVAFIRMWARE1.01 allows attackers to cause a Denial of Service DoS via a crafted web request without authentication. The vulnerability occurs in the /bin/webs binary of the firmware. When /bin/webs receives a carefully constructed HTTP request, it wil...

7.5CVSS5.9AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:9 a.m.24 views

CVE-2024-6646

A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information...

6.9CVSS6.3AI score0.45959EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:7 a.m.6 views

CVE-2024-45170

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or missing access control, low privileged users can use administrative functions of the C-MOR web interface. It was found out that different functions are only available to administrative users. However, acces...

8.1CVSS7AI score0.00648EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:49 a.m.8 views

CVE-2024-20539

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input...

4.8CVSS6.3AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:49 a.m.12 views

CVE-2024-20269

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...

5.4CVSS6.1AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:49 a.m.27 views

CVE-2024-20515

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References1
Rows per page
Query Builder