Page 272 of 37488 results (0.061 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. ... An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23105 This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-846 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. ... An attacker can leverage this vulnerability to execute code in the context of the device. •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23230 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-24-853 • CWE-121: Stack-based Buffer Overflow •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. ... An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23194 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. ... An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-24-851 • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://wpscan.com/vulnerability/fa6f01d6-aa3b-4452-9c5f-49bb227fea9d • CWE-434: Unrestricted Upload of File with Dangerous Type •