Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2021/04/22 12:0 a.m.35 views

Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability

Talos Vulnerability Report TALOS-2021-1239 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability April 22, 2021 CVE Number CVE-2021-31517 SUMMARY A denial-of-service vulnerability exists in the tdts.ko TRF file-parsing functionality of Trend Micro Inc.’s...

7.8CVSS7AI score0.01097EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.35 views

Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability

Summary An exploitable double free vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted geometry shader can cause a double free vulnerability, leading to arbitrary code execution. An attacker can provide a specially crafted shader file to trigger...

9CVSS9AI score0.05532EPSS
Exploits0
Talos
Talos
added 2020/01/27 12:0 a.m.35 views

Accusoft ImageGear PNG pngread width code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to t...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/08/19 12:0 a.m.35 views

Nest Labs Openweave Weave ASN1Writer PutValue Code Execution Vulnerability

Summary An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a weave certificate to...

8.8CVSS8.7AI score0.01617EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.36 views

Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

7.1CVSS6AI score0.00309EPSS
Exploits0
Talos
Talos
added 2019/01/02 12:0 a.m.35 views

CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

7.1CVSS6AI score0.00309EPSS
Exploits0
Talos
Talos
added 2018/04/12 12:0 a.m.35 views

NASA CFITSIO `ffgkyn` Stack Overflow Code Execution Vulnerability

Summary Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigg...

8.8CVSS8.9AI score0.02842EPSS
Exploits1
Talos
Talos
added 2018/04/10 12:0 a.m.35 views

Simple DirectMedia Layer SDL2_Image load_xcf_tile_rle Information Disclosure Vulnerability

Summary An exploitable information vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this...

6.5CVSS6.8AI score0.01824EPSS
Exploits1
Talos
Talos
added 2018/03/01 12:0 a.m.35 views

Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...

8.8CVSS8.8AI score0.02395EPSS
Exploits0
Talos
Talos
added 2018/01/11 12:0 a.m.35 views

Blender Sequencer imb_loadhdr Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .hdr file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

8.8CVSS7.9AI score0.01866EPSS
Exploits1
Talos
Talos
added 2018/01/09 12:0 a.m.35 views

CPP-Ethereum JSON-RPC miner_setGasPrice improper authorization Vulnerability

Summary An exploitable improper authorization vulnerability exists in minersetGasPrice API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...

8.1CVSS7.5AI score0.01658EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.35 views

Circle with Disney Weak Authentication Vulnerability

Summary An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets can cause a valid authentication token to be returned to the attacker resulting in authentication bypass. An attacker can send a series of...

9.8CVSS9AI score0.01516EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.35 views

Circle with Disney Apid Photo Upload Denial of Service Vulnerability

Summary An exploitable vulnerability exists in the user photo update functionality of Circle with Disney running firmware 2.0.1. A repeated set of specially crafted API calls can cause the device to corrupt essential memory, resulting in a bricked device. An attacker needs network connectivity to...

7.8CVSS7.7AI score0.01379EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.35 views

Circle with Disney Backup API Command Injection Vulnerability

Summary An exploitable vulnerability exists in the /api/CONFIG/backup functionality of Circle with Disney. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability. Tested Versions Circle with Disney Product URLs...

9.8CVSS9.3AI score0.01516EPSS
Exploits2
Talos
Talos
added 2017/04/18 12:0 a.m.35 views

Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability

Summary An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 Tested...

4.3CVSS4AI score0.00908EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.35 views

Iceni Argus TrueType Font File Cmap Table Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search through a linked list of buffers to return. Due to a signedness issue, a buffer smaller than...

9.3CVSS8.1AI score0.0225EPSS
Exploits2
Talos
Talos
added 2016/08/06 12:0 a.m.35 views

Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0185 Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability August 6, 2016 CVE Number CVE-2016-5646 Description An exploitable heap overflow vulnerability exists in the Compound Binary File Format CBFF parser functionality of Lexmark Perceptive...

7.8CVSS0.1AI score0.0203EPSS
Exploits2
Talos
Talos
added 2016/07/19 12:0 a.m.35 views

Oracle OIT IX SDK libvs_pdf Xref Offset Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0102 Oracle OIT IX SDK libvspdf Xref Offset Denial of Service Vulnerability July 19, 2016 CVE Number CVE-2016-3580 Description A vulnerability in PDF parser of the IX SDK exists that results in out of bounds heap memory access following an unchecked memory...

9CVSS8.5AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/07/19 12:0 a.m.35 views

Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity

Talos Vulnerability Report TALOS-2016-0100 Oracle OIT IX SDK libvspdf FlateDecode Colors Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3578 DESCRIPTION A null pointer dereference leading to process crash can occur while parsing a malformed PDF file. TESTED VERSIONS Oracle Outsi...

9CVSS0.4AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/02/08 12:0 a.m.35 views

Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0027 Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability February 8, 2016 CVE Number CVE-2015-2868 DESCRIPTION An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who can...

10CVSS10.1AI score0.06841EPSS
Exploits1
Talos
Talos
added 2015/10/21 12:0 a.m.35 views

Network Time Protocol ntpq atoascii Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2015-0063 Network Time Protocol ntpq atoascii Memory Corruption Vulnerability October 21, 2015 CVE Number CVE-2015-7852 Description A potential off by one vulnerability exists in the cookedprint functionality of ntpq. A specially crafted buffer could cause a buffe...

5.9CVSS7.8AI score0.12282EPSS
Exploits0
Talos
Talos
added 2015/06/30 12:0 a.m.35 views

Apple Quicktime Corrupt stbl Atom Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2015-0018 Apple Quicktime Corrupt stbl Atom Remote Code Execution Vulnerability June 30, 2015 CVE Number CVE-2015-3667 Description There is a remote code execution vulnerability in Apple Quicktime. An attacker who can control the data inside an stbl atom in a .mov...

6.8CVSS4.8AI score0.03635EPSS
Exploits0
Talos
Talos
added 2024/07/22 12:0 a.m.34 views

Ankitects Anki MPV script injection vulnerability

Talos Vulnerability Report TALOS-2024-1993 Ankitects Anki MPV script injection vulnerability July 22, 2024 CVE Number CVE-2024-26020 SUMMARY An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary...

9.6CVSS9.5AI score0.15067EPSS
Exploits1
Talos
Talos
added 2024/05/28 12:0 a.m.34 views

AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability

Talos Vulnerability Report TALOS-2024-1943 AutomationDirect P3-550E Programming Software Connection scanlib.bin library code injection vulnerability May 28, 2024 CVE Number CVE-2024-23601 SUMMARY A code injection vulnerability exists in the scanlib.bin functionality of AutomationDirect P3-550E...

9.8CVSS9.6AI score0.0072EPSS
Exploits0
Talos
Talos
added 2024/05/01 12:0 a.m.34 views

Tinyproxy HTTP request parsing uninitialized memory vulnerability

Talos Vulnerability Report TALOS-2023-1902 Tinyproxy HTTP request parsing uninitialized memory vulnerability May 1, 2024 CVE Number CVE-2023-40533 SUMMARY An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 while parsing HTTP requests. In certain configurations, a specially craft...

2.6CVSS7.7AI score
Exploits0
Talos
Talos
added 2024/04/03 12:0 a.m.34 views

Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability

Talos Vulnerability Report TALOS-2024-1949 Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability April 3, 2024 CVE Number CVE-2024-27201 SUMMARY An improper input validation vulnerability exists in the OAS Engine User Configuration functionali...

4.9CVSS5.5AI score0.00662EPSS
Exploits1
Talos
Talos
added 2024/02/20 12:0 a.m.34 views

The Biosig Project libbiosig sopen_FAMOS_read use-after-free vulnerability

Talos Vulnerability Report TALOS-2024-1923 The Biosig Project libbiosig sopenFAMOSread use-after-free vulnerability February 20, 2024 CVE Number CVE-2024-23310 SUMMARY A use-after-free vulnerability exists in the sopenFAMOSread functionality of The Biosig Project libbiosig 2.5.0 and Master Branch...

9.8CVSS9.4AI score0.01703EPSS
Exploits1
Talos
Talos
added 2024/02/15 12:0 a.m.34 views

Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1901 Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability February 15, 2024 CVE Number CVE-2024-20731 SUMMARY A use-after-free vulnerability exists in the FileAttachment PDAnnot object processing in Adobe Acrobat Reader...

7.8CVSS8.3AI score0.02611EPSS
Exploits0
Talos
Talos
added 2023/10/12 12:0 a.m.34 views

SoftEther VPN CiRpcAccepted() authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1754 SoftEther VPN CiRpcAccepted authentication bypass vulnerability October 12, 2023 CVE Number CVE-2023-27516 SUMMARY An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially...

7.8CVSS7.5AI score0.0053EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.34 views

Apple DCERPC call request uninitialized memory heap overflow vulnerability

Talos Vulnerability Report TALOS-2022-1677 Apple DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-27934 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in Apple macOS 12.6.1 that c...

8.8CVSS9.1AI score0.01785EPSS
Exploits0
Talos
Talos
added 2023/01/26 12:0 a.m.34 views

Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1607 Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40969 SUMMARY An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020....

8.8CVSS8AI score0.05808EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.34 views

OpenImageIO TGA Format Stack Buffer Overflow Vulnerability

Talos Vulnerability Report TALOS-2022-1628 OpenImageIO TGA Format Stack Buffer Overflow Vulnerability December 22, 2022 CVE Number CVE-2022-41981 SUMMARY A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can...

8.1CVSS8.6AI score0.0104EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.34 views

Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1566 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetserialmac OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-29472 SUMMARY An OS command injection vulnerability exists in the web interface utilsetserialmac...

10CVSS9.8AI score0.04433EPSS
Exploits1
Talos
Talos
added 2022/08/17 12:0 a.m.34 views

Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability August 17, 2022 CVE Number CVE-2022-35821 SUMMARY An out-of-bounds read vulnerability exists in the /proc/fdt mmap operation functionality of Microsoft Azure Sphere 22.02. A...

4.4CVSS5.1AI score0.01004EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.34 views

HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1485 HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability August 16, 2022 CVE Number CVE-2022-25972 SUMMARY An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to...

7.8CVSS8.2AI score0.00589EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.34 views

WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1547 WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability August 16, 2022 CVE Number CVE-2022-30547 SUMMARY A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364...

9.9CVSS9.7AI score0.63666EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.34 views

TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1484 TCL LinkHub Mesh Wi-Fi confsrv ucloudsetnodelocation buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-26342 SUMMARY A buffer overflow vulnerability exists in the confsrv ucloudsetnodelocation functionality of TCL LinkHub Mesh Wi-Fi...

9.8CVSS9.6AI score0.0104EPSS
Exploits1
Talos
Talos
added 2022/06/15 12:0 a.m.34 views

Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1440 Anker Eufy Homebase 2 mipscollector appsrvserver use-after-free vulnerability June 15, 2022 CVE Number CVE-2022-21806 SUMMARY A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A...

10CVSS9.6AI score0.02227EPSS
Exploits1
Talos
Talos
added 2022/05/17 12:0 a.m.34 views

NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability

Summary A memory corruption vulnerability exists in the shader DCLUNORDEREDACCESSVIEWSTRUCTURED functionality of NVIDIA D3D10 Driver version 496.76, 30.0.14.9676. A specially-crafted executable / shader file can lead to memory corruption. This vulnerability potentially could be triggered from gue...

8.5CVSS8.6AI score0.01492EPSS
Exploits0
Talos
Talos
added 2022/05/10 12:0 a.m.34 views

InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. Tested...

9.1CVSS7.7AI score0.03105EPSS
Exploits1
Talos
Talos
added 2022/02/28 12:0 a.m.34 views

Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability

Summary A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions Lansweeper...

9.1CVSS8.9AI score0.72601EPSS
Exploits1
Talos
Talos
added 2022/02/16 12:0 a.m.34 views

KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability

Summary Multiple stack-based buffer overflow vulnerabilities exist in the Gerber Viewer gerber and excellon coordinates parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a maliciou...

8.2AI score
Exploits0
Talos
Talos
added 2022/01/18 12:0 a.m.34 views

Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the installation of f Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability. Tested...

9.3CVSS8.1AI score0.00872EPSS
Exploits1
Talos
Talos
added 2021/06/02 12:0 a.m.34 views

Webkit WebCore::GraphicsContext use-after-free vulnerability

Summary A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger...

8.8CVSS7.9AI score0.02913EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.34 views

Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability

Summary An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9.5AI score0.01428EPSS
Exploits1
Talos
Talos
added 2020/11/05 12:0 a.m.34 views

Adobe Acrobat Reader DC form field format use after free

Talos Vulnerability Report TALOS-2020-1156 Adobe Acrobat Reader DC form field format use after free November 5, 2020 CVE Number CVE-2020-24437 SUMMARY A specific JavaScript code embedded in a PDF file can trigger a use-after-free vulnerability when opening a PDF document in Adobe Acrobat Reader D...

7.8CVSS7.7AI score0.45125EPSS
Exploits0
Talos
Talos
added 2020/07/31 12:0 a.m.34 views

Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that uses the ptrace system call to...

7.3CVSS7.3AI score0.01673EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.34 views

CleanMyMac X moveItemAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software improperly validates inputs. An attacker with local access could use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

7.1CVSS6AI score0.00306EPSS
Exploits0
Talos
Talos
added 2018/04/19 12:0 a.m.34 views

SAP BPC Web Application Information Disclosure Vulnerability

Summary An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HT...

8.1CVSS7AI score0.01192EPSS
Exploits0
Talos
Talos
added 2018/04/13 12:0 a.m.34 views

Moxa EDR-810 Web Server URI Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this...

7.5CVSS6.4AI score0.01882EPSS
Exploits2
Total number of security vulnerabilities2224