CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-52739
https://notcve.org/view.php?id=CVE-2024-52739
D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters. • https://github.com/faqiadegege/IoTVuln/blob/main/DI_8400_msp_info_htm_rce/detail.md https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-52765
https://notcve.org/view.php?id=CVE-2024-52765
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter. • http://tjr181.com/2024/11/08/H3C%20GR-1800AX •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-52769
https://notcve.org/view.php?id=CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-52770
https://notcve.org/view.php?id=CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11477 – 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1532 • CWE-191: Integer Underflow (Wrap or Wraparound) •