CVE-2024-32349
https://notcve.org/view.php?id=CVE-2024-32349
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary. • https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md https://www.totolink.net • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-26367
https://notcve.org/view.php?id=CVE-2024-26367
Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters. • http://cc.com http://evertz.com https://wiki.notveg.ninja/blog/CVE-2024-26367 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-33454
https://notcve.org/view.php?id=CVE-2024-33454
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack component. • https://gist.github.com/Zakary-D/30f565c4266c02c62aa9089c363e78e9 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-33433
https://notcve.org/view.php?id=CVE-2024-33433
Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page. • https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_2_Guest_Access_Control/README.md • CWE-233: Improper Handling of Parameters •
CVE-2024-33250
https://notcve.org/view.php?id=CVE-2024-33250
An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted request. • https://github.com/hacker2004/cccccckkkkkk/blob/main/CVE-2024-33250.md • CWE-918: Server-Side Request Forgery (SSRF) •