Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
micasaverde veralite firmware 1.5.408 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2013-4863
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote malicious users to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a...
Micasaverde Veralite Firmware 1.5.408
2 EDB exploits
1 Github repository
4.3
CVSSv2
CVE-2013-4865
Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
5.5
CVSSv2
CVE-2013-4862
MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
4
CVSSv2
CVE-2013-4861
Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
7.5
CVSSv2
CVE-2013-4864
MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.
Micasaverde Veralite Firmware 1.5.408
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started