CVE-2024-44341
https://notcve.org/view.php?id=CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. • http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-846W https://github.com/yali-1002/some-poc/blob/main/CVE-2024-44341 https://www.dlink.com/en/security-bulletin • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-34087
https://notcve.org/view.php?id=CVE-2024-34087
An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request. • https://groups.io/g/bpq32 https://themodernham.com/bbs-hacking-discovering-rce-within-bpq32-seh-based-buffer-overflow https://www.cantab.net/users/john.wiseman/Documents https://www.youtube.com/%40ModernHam • CWE-121: Stack-based Buffer Overflow
CVE-2024-42790
https://notcve.org/view.php?id=CVE-2024-42790
This vulnerability allows remote attackers to execute arbitrary code via the "page" parameter. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Reflected%20XSS%20-%20index.pdf https://www.kashipara.com/project/php/12978/music-management-system-in-php-php-project-source-code • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-42789
https://notcve.org/view.php?id=CVE-2024-42789
This vulnerability allows remote attackers to execute arbitrary code via the "page" parameter. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Reflected%20XSS%20-%20Controller.pdf https://www.kashipara.com/project/php/12978/music-management-system-in-php-php-project-source-code • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-41285
https://notcve.org/view.php?id=CVE-2024-41285
A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. • https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149 https://github.com/Giles-one/FW300RouterCrack https://www.fastcom.com.cn/product-8.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')