CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52777
https://notcve.org/view.php?id=CVE-2024-52777
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/license_update.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52778
https://notcve.org/view.php?id=CVE-2024-52778
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52779
https://notcve.org/view.php?id=CVE-2024-52779
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_top10.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52780
https://notcve.org/view.php?id=CVE-2024-52780
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/mgmt_edit.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52781
https://notcve.org/view.php?id=CVE-2024-52781
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/system/tool/traceroute.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52782
https://notcve.org/view.php?id=CVE-2024-52782
29 Nov 2024 — DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/mon_stat_hist_new.php. • https://ba1100n.tech/%E6%BC%8F%E6%B4%9E%E6%8A%A5%E5%91%8A/dcme-all-series-rcessix-one •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48659
https://notcve.org/view.php?id=CVE-2024-48659
21 Oct 2024 — An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the log_u_umount.php component. • https://gist.github.com/CLan-nad/a879f7696a58656b384c46bf4ba74e80 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-26802
https://notcve.org/view.php?id=CVE-2023-26802
26 Mar 2023 — An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request. • https://github.com/winmt/my-vuls/tree/main/DCN%20DCBI-Netlog-LAB • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2021-42324
https://notcve.org/view.php?id=CVE-2021-42324
05 Apr 2022 — An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell metacharacters in the capture command parameters. Command output will be shown on the Serial interface of the device. Exploitation requires both credentials and physical access. Se ha detectado un problema en los d... • https://exatel.pl/cve-2021-42324-metacharacter-injection-w-przelacznikach-dcn-s4600-10p-si • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0CVE-2022-25390
https://notcve.org/view.php?id=CVE-2022-25390
18 Mar 2022 — DCN Firewall DCME-520 was discovered to contain a remote command execution (RCE) vulnerability via the host parameter in the file /system/tool/ping.php. Se ha detectado que DCN Firewall DCME-520 contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro host en el archivo /system/tool/ping.php • https://www.adminxe.com/3276.html •