CVE-2024-5505 – NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5505
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. ... An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-24-563 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-52162
https://notcve.org/view.php?id=CVE-2023-52162
Mercusys MW325R EU V3 (Firmware MW325R(EU)_V3_1.11.0 Build 221019) is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. • https://k4m1ll0.com/cve-2023-52162.html • CWE-121: Stack-based Buffer Overflow •
CVE-2024-36729
https://notcve.org/view.php?id=CVE-2024-36729
The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key. • https://github.com/HouseFuzz/reports/blob/main/trendnet/TEW827/wizard_ipv6/wizard_ipv6.md • CWE-121: Stack-based Buffer Overflow •
CVE-2024-36728
https://notcve.org/view.php?id=CVE-2024-36728
The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficiently long dns1 or dns 2 key. • https://github.com/HouseFuzz/reports/blob/main/trendnet/TEW827/vlan_setting/vlan_setting.md • CWE-121: Stack-based Buffer Overflow •
CVE-2024-36569
https://notcve.org/view.php?id=CVE-2024-36569
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php. • https://github.com/debug601/bug_report/blob/main/vendors/mayuri_k/gas-agency-management-system/RCE-1.md • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •