Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
controller vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3591
The Geo Controller WordPress plugin prior to 8.6.5 unserializes user input via some of its AJAX actions and REST API routes, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.
NA
CVE-2024-3411
Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an malicious user to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC...
NA
CVE-2024-20295
A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local malicious user to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker mu...
1 Article
NA
CVE-2024-20356
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root....
2 Github repositories
NA
CVE-2024-22807
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.
NA
CVE-2024-22808
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory.
NA
CVE-2024-22809
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to access the G code's shared folder and view sensitive information.
NA
CVE-2024-22811
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the Hostmot2 configuration cookie in the device memory.
NA
CVE-2024-22813
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.
NA
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to cause a Denial of Service (DoS) via crafted commands.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »