Datacube3 Firmware@1.0 Security Vulnerabilities and Issues — Datacube3 Firmware@1.0 CVE List

Lucene search

F-logicDatacube3 Firmware1.0

4 matches found

CVE•added 2024/02/29 1:44 a.m.•83 views

CVE-2024-25830

F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains the path of the configuration file. A successful exploit could allow the attacker to extract the roo...

9.8CVSS6.8AI score0.38983EPSS

CVE•added 2024/04/19 12:15 a.m.•54 views

CVE-2024-31750

SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id parameter.

9.8CVSS7.3AI score0.9183EPSS

CVE•added 2024/05/28 5:15 p.m.•42 views

CVE-2024-34852

F-logic DataCube3 v1.0 is affected by command injection due to improper string filtering at the command execution point in the ./admin/transceiver_schedule.php file. An unauthenticated remote attacker can exploit this vulnerability by sending a file name containing command injection. Successful exp...

6.3CVSS8.4AI score0.00831EPSS

CVE•added 2024/05/28 5:15 p.m.•21 views

CVE-2024-34854

F-logic DataCube3 v1.0 is vulnerable to File Upload via /admin/transceiver_schedule.php.

9.8CVSS6.8AI score0.00937EPSS