6.5

CVSS3.1

CVE-2024-42942 -

Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: Aug. 16, 2024, 6:15 p.m.

9.8

CVSS3.1

CVE-2024-42947 -

An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: March 13, 2025, 2:15 p.m.

6.3

CVSS3.1

CVE-2024-22219 -

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or โ€ฆ

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5

CVSS3.1

CVE-2024-42678 -

Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 18, 2024, 6:15 p.m.

6.5

CVSS3.1

CVE-2024-22217 -

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: March 24, 2025, 5:15 p.m.

9.8

CVSS3.1

CVE-2024-42757 -

Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to execute arbitrary code via the netstat function page.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-42969 -

Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: Aug. 16, 2024, 6:35 p.m.

5.5

CVSS3.1

CVE-2024-42680 -

An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: March 25, 2025, 5:16 p.m.

9.8

CVSS3.1

CVE-2024-42967 -

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: March 13, 2025, 4:15 p.m.

5.5

CVSS3.1

CVE-2024-42677 -

An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component

๐Ÿ“… Published: Aug. 15, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 18, 2024, 5:15 p.m.
Total resulsts: 348401
Page 8764 of 34,841
ยซ previous page ยป next page
Filters