Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
florian lienhart vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-31537
SIS SIS-REWE Go prior to 7.7 SP17 allows XSS: rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).
Sisinformatik Sis-rewe Go 7.7
Sisinformatik Sis-rewe Go
9
CVSSv2
CVE-2022-31208
An issue exists in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.
Infiray Iray-a8z3 Firmware 1.0.957
10
CVSSv2
CVE-2022-31211
An issue exists in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.
Infiray Iray-a8z3 Firmware 1.0.957
10
CVSSv2
CVE-2022-31209
An issue exists in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand.
Infiray Iray-a8z3 Firmware 1.0.957
7.5
CVSSv2
CVE-2022-31210
An issue exists in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts.
Infiray Iray-a8z3 Firmware 1.0.957
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started