Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jbaines-r7 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-0543
It exists, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Redis Redis -
1 Metasploit module
10 Github repositories
6.5
CVSSv2
CVE-2021-37343
A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios.
Nagios Nagios Xi
1 Metasploit module
9.3
CVSSv2
CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
Hikvision Ds-2cd2026g2-iu\\/sl Firmware -
Hikvision Ds-2cd2046g2-iu\\/sl Firmware -
Hikvision Ds-2cd2066g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2066g2-iu\\/sl Firmware -
Hikvision Ds-2cd2086g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2086g2-iu\\/sl Firmware -
Hikvision Ds-2cd2166g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-i\\(su\\) Firmware -
Hikvision Ds-2cd2186g2-isu Firmware -
Hikvision Ds-2cd2326g2-isu\\/sl Firmware -
Hikvision Ds-2cd2346g2-isu\\/sl Firmware -
Hikvision Ds-2cd2366g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2366g2-isu\\/sl Firmware -
Hikvision Ds-2cd2386g2-i\\(u\\) Firmware -
Hikvision Ds-2cd2386g2-isu\\/sl Firmware -
Hikvision Ds-2cd2426g2-i Firmware -
Hikvision Ds-2cd2446g2-i Firmware -
Hikvision Ds-2cd2526g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2526g2-is Firmware -
Hikvision Ds-2cd2546g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2566g2-i\\(s\\) Firmware -
Hikvision Ds-2cd2586g2-i\\(s\\) Firmware -
1 Metasploit module
30 Github repositories
2 Articles
7.5
CVSSv2
CVE-2022-20705
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an malicious user to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch ...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
Cisco Rv160 Firmware
Cisco Rv160w Firmware
Cisco Rv260 Firmware
Cisco Rv260p Firmware
Cisco Rv260w Firmware
1 Metasploit module
7.5
CVSSv2
CVE-2022-20707
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an malicious user to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch ...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
7.5
CVSSv2
CVE-2021-1472
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, se...
Cisco Rv160 Firmware
Cisco Rv160w Firmware
Cisco Rv260 Firmware
Cisco Rv260p Firmware
Cisco Rv260w Firmware
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
7.5
CVSSv2
CVE-2021-1473
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, se...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
1 Metasploit module
1 Github repository
9
CVSSv2
CVE-2021-41282
diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the commo...
Pfsense Pfsense 2.5.2
1 Metasploit module
1 Github repository
5
CVSSv2
CVE-2020-5723
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an malicious user to retrieve all passwords and possibly gain elevated privileges.
Grandstream Ucm6202 Firmware
Grandstream Ucm6204 Firmware
Grandstream Ucm6208 Firmware
1 Metasploit module
5
CVSSv2
CVE-2020-5724
The Grandstream UCM6200 series prior to 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.
Grandstream Ucm6202 Firmware
Grandstream Ucm6204 Firmware
Grandstream Ucm6208 Firmware
1 Metasploit module
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »