Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
faronics insight 10.0.19045 vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2023-28347
An issue exists in Faronics Insight 10.0.19045 on Windows. It is possible for an malicious user to create a proof-of-concept script that functions similarly to a Student Console, providing unauthenticated attackers with the ability to exploit XSS vulnerabilities within the Teache...
Faronics Insight 10.0.19045
8.8
CVSSv3
CVE-2023-28349
An issue exists in Faronics Insight 10.0.19045 on Windows. It is possible for an malicious user to create a crafted program that functions similarly to the Teacher Console. This can compel Student Consoles to connect and put themselves at risk automatically. Connected Student Con...
Faronics Insight 10.0.19045
8.8
CVSSv3
CVE-2023-28353
An issue exists in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a variety of different exploitation paths including code execution. It is also possible for t...
Faronics Insight 10.0.19045
7.4
CVSSv3
CVE-2023-28348
An issue exists in Faronics Insight 10.0.19045 on Windows. A suitably positioned attacker could perform a man-in-the-middle attack on either a connected student or teacher, enabling them to intercept student keystrokes or modify executable files being sent from teachers to studen...
Faronics Insight 10.0.19045
7.4
CVSSv3
CVE-2023-28352
An issue exists in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled.
Faronics Insight 10.0.19045
7.3
CVSSv3
CVE-2023-28346
An issue exists in Faronics Insight 10.0.19045 on Windows. It is possible for a remote malicious user to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc. despite Virtual Host Routing being used to block this access. Remote attackers c...
Faronics Insight 10.0.19045
7.1
CVSSv3
CVE-2023-28344
An issue exists in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application allows unauthenticated malicious users to view constantly updated screenshots of student desktops and to submit falsified screenshots on behalf of students. Attackers are able to vi...
Faronics Insight 10.0.19045
6.1
CVSSv3
CVE-2023-28350
An issue exists in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an malicious user to execute JavaScript in these applications. Due to the rich and hi...
Faronics Insight 10.0.19045
4.6
CVSSv3
CVE-2023-28345
An issue exists in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser,...
Faronics Insight 10.0.19045
3.3
CVSSv3
CVE-2023-28351
An issue exists in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them t...
Faronics Insight 10.0.19045
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started