Page 2 of 34 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0

A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0

A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0

An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data. • https://cert.vde.com/en/advisories/VDE-2024-039 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •