CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/01/09 9:33 a.m.•2 views

CVE-2024-39148

The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over network. Typically, the service is protected via local firewall...

8.1CVSS7.7AI score0.00128EPSS

Exploits0References1

EUVD•added 2025/12/01 6:30 p.m.•2 views

EUVD-2024-55105

8.1CVSS7.2AI score0.00128EPSS

Exploits0References3

NVD•added 2025/12/01 4:15 p.m.•3 views

CVE-2024-39148

8.1CVSS0.00128EPSS

Exploits0References2

OSV•added 2025/12/01 4:15 p.m.•2 views

CVE-2024-39148

8.1CVSS6AI score0.00128EPSS

Exploits0References2

CVE•added 2025/12/01 12:0 a.m.•25 views

CVE-2024-39148

CVE-2024-39148 affects KerOS prior to 5.12. The issue is in the wmp-agent service, which does not properly validate the so‑called ‘magic URLs’, allowing an unauthenticated attacker to execute arbitrary OS commands as root if the service is reachable over the network. Documents from Red Hat, ENISA...

8.1CVSS7.3AI score0.00128EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/12/01 12:0 a.m.•2 views

PT-2025-48467

Name of the Vulnerable Software and Affected Versions KerOS versions prior to 5.12 Description The wmp-agent service does not correctly validate ‘magic URLs’, potentially allowing a remote attacker without authentication to execute arbitrary operating system commands as root if the service is...

8.1CVSS7.3AI score0.00128EPSS

Exploits0References6