Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pentasecurity wapples vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-35582
Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disc...
Pentasecurity Wapples 5.0.0.0
Pentasecurity Wapples 5.0.12.0
Pentasecurity Wapples 4.0.0
7.8
CVSSv3
CVE-2022-31322
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows malicious users to escalate privileges via overwriting files using SUID flagged executables.
Pentasecurity Wapples V6.0.r3.4.10
Pentasecurity Wapples
6.5
CVSSv3
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows malicious users to download arbitrary files via a crafted POST request.
Pentasecurity Wapples V6.0.r3.4.10
Pentasecurity Wapples
9.8
CVSSv3
CVE-2022-35413
WAPPLES up to and including 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.
Pentasecurity Wapples
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started