6 matches found
CVE-2024-27776
CVE-2024-27776 affects MileSight DeviceHub. The issue is a CWE-22 path traversal vulnerability that may allow unauthenticated remote code execution over the network (no user interaction) with a CVSS v3.1 base score of 9.8 (CRITICAL). Root cause is improper limitation of a pathname to a restricted...
CVE-2024-36391
Technical details about CVE-2024-36391 are not publicly available in the provided connected documents; no affected products, versions, impact, or fix details are disclosed here. Monitor for updates.
CVE-2024-36389
The documents identify CVE-2024-36389 as affecting MileSight DeviceHub with CWE-330: Use of Insufficiently Random Values may allow Authentication Bypass. The NVD entry lists a 9.8 CVSS v3.1 score (Network attack, no privileges, high impact on confidentiality, integrity, and availability) and note...
CVE-2024-36390
Technical details about CVE-2024-36390 (affected components, exploit scenarios, and specific versions) are not publicly available in the provided documents. Monitor for updates.
CVE-2024-36388
Technical details (affected product, component, version, root cause, impact, or fix) are not publicly available in the provided documents. Monitor for updates.
CVE-2024-36392
The CVE-2024-36392 entry concerns MileSight DeviceHub with a cross-site scripting (CWE-79) weakness caused by improper input neutralization during web page generation. According to the public records, the vulnerability is network-exposed, requires user interaction, and the exploit complexity is l...