CVSS: 9.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-40505
https://notcve.org/view.php?id=CVE-2024-40505
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component. • https://coldwx.github.io/CVE-2024-40505.html https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10266 • CWE-35: Path Traversal: '.../ •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6689 – Local privilege escalation vulnerability in baramundi Management Agent via MSI Installer
https://notcve.org/view.php?id=CVE-2024-6689
Local Privilege Escalation in MSI-Installer in baramundi Management Agent v23.1.172.0 on Windows allows a local unprivileged user to escalate privileges to SYSTEM. • https://www.baramundi.com/en-us/security-info/s-2024-01 • CWE-749: Exposed Dangerous Method or Function •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-39524 – Junos OS Evolved: CLI parameter processing issue allows privilege escalation
https://notcve.org/view.php?id=CVE-2024-39524
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level. This issue affects Junos OS Evolved: All versions before 20.4R3-S7-EVO, 21.2-EVO versions before 21.2R3-S8-EVO, 21.4-EVO versions before 21.4R3-S7-EVO, 22.2-EVO versions before 22.2R3-EVO, 22.3-EVO versions before 22.3R2-EVO, 22.4-EVO versions before 22.4R2-EVO. • https://supportportal.juniper.net/JSA82975 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39523 – Junos OS Evolved: CLI parameter processing issue allows privilege escalation
https://notcve.org/view.php?id=CVE-2024-39523
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level. This issue affects Junos OS Evolved: * All versions before 20.4R3-S7-EVO, * 21.2-EVO versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.1-EVO versions before 22.1R3-S6-EVO, * 22.2-EVO versions before 22.2R3-EVO, * 22.3-EVO versions before 22.3R2-EVO, * 22.4-EVO versions before 22.4R2-EVO. • https://supportportal.juniper.net/JSA82975 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39522 – Junos OS Evolved: CLI parameter processing issue allows privilege escalation
https://notcve.org/view.php?id=CVE-2024-39522
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level. This issue affects Junos OS Evolved: * 22.3-EVO versions before 22.3R2-EVO, * 22.4-EVO versions before 22.4R1-S1-EVO, 22.4R2-EVO. • https://supportportal.juniper.net/JSA82975 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •