Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmed alroky vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-4039
A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an malicious user to execute arbitrary OS commands on the device.
Zyxel Nwa1100-nh Firmware
7.5
CVSSv3
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
Wavlink Wn533a8 Firmware M33a8.v5030.190716
7.5
CVSSv3
CVE-2022-34047
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows malicious users to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
Wavlink Wl-wn530hg4 Firmware M30hg4.v5030.191116
6.1
CVSSv3
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 exists to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
Wavlink Wn533a8 Firmware M33a8.v5030.190716
6.1
CVSSv3
CVE-2021-46379
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site.
Dlink Dir-850l Firmware 1.08trb03
8.8
CVSSv3
CVE-2022-38841
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.
Linksys E8450 Firmware 1.1.00
9.8
CVSSv3
CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
Apsystems Energy Communication Unit Firmware C1.2.5
2 Github repositories
7.5
CVSSv3
CVE-2021-46378
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.
Dlink Dir-850l Firmware 1.08trb03
7.5
CVSSv3
CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
Guralp Man-eam-0003 3.2.4
9.1
CVSSv3
CVE-2021-46424
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote malicious user to delete any file, even system internal files, via a DELETE request.
Telesquare Tlr-2005ksh Firmware 1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon