Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec consult vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that c...
Schneider-electric Evlink City Evc1s22p4 Firmware
Schneider-electric Evlink City Evc1s7p4 Firmware
Schneider-electric Evlink Parking Evw2 Firmware
Schneider-electric Evlink Parking Evf2 Firmware
Schneider-electric Evlink Parking Ev.2 Firmware
Schneider-electric Evlink Smart Wallbox Evb1a Firmware
10
CVSSv2
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
Trendmicro Interscan Web Security Virtual Appliance 6.5
10
CVSSv2
CVE-2020-16204
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an malicious user to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
10
CVSSv2
CVE-2020-11956
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a least privilege violation.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
10
CVSSv2
CVE-2020-11951
An issue exists on Rittal PDU-3C002DEC up to and including 5.17.10 and CMCIII-PU-9333E0FB up to and including 3.17.10 devices. There is a Backdoor root account.
Rittal Cmciii-pu-9333e0fb Firmware
Rittal Pdu-3c002dec Firmware
Rittal Cmc Iii Pu 7030.000 Firmware
Rittal Lcp-cw Firmware
Rittal Iot Interface 3124.300
10
CVSSv2
CVE-2019-12549
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
10
CVSSv2
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
Wago 852-303 Firmware
Wago 852-1305 Firmware
Wago 852-1505 Firmware
9.3
CVSSv2
CVE-2020-16208
The affected product is vulnerable to cross-site request forgery, which may allow an malicious user to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
9.3
CVSSv2
CVE-2013-2642
Sophos Web Appliance prior to 3.7.8.2 allows (1) remote malicious users to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation variable in a customized template, and remote authenticated users to execut...
Sophos Web Appliance Firmware
Sophos Web Appliance -
1 EDB exploit
9.3
CVSSv2
CVE-2012-0391
The ExceptionDelegator component in Apache Struts prior to 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote malicious users to execute arbitrary Java code via a crafted parameter...
Apache Struts
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »