Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
controller vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3955
URL GET parameter "logtime" utilized within the "downloadlog" function from "cbpi/http_endpoints/http_system.py" is subsequently passed to the "os.system" function in "cbpi/controller/system_controller.py" without prior validation...
NA
CVE-2024-33516
An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller.
1 Article
NA
CVE-2024-27002
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0: genpd_lock --...
NA
CVE-2024-3591
The Geo Controller WordPress plugin prior to 8.6.5 unserializes user input via some of its AJAX actions and REST API routes, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.
NA
CVE-2024-3411
Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an malicious user to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC...
NA
CVE-2024-20356
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root....
2 Github repositories
NA
CVE-2024-20295
A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local malicious user to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker mu...
1 Article
NA
CVE-2024-22807
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.
NA
CVE-2024-22808
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory.
NA
CVE-2024-22809
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows malicious users to access the G code's shared folder and view sensitive information.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »