CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48594
https://notcve.org/view.php?id=CVE-2024-48594
File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute arbitrary code via the file upload component. • https://github.com/Aa1b/mycve/blob/main/Readme.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-48825
https://notcve.org/view.php?id=CVE-2024-48825
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. • https://github.com/ixout/iotVuls/blob/main/Tenda/ac7_005/report.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-48826
https://notcve.org/view.php?id=CVE-2024-48826
Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. • https://github.com/ixout/iotVuls/blob/main/Tenda/ac7_006/report.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-48074
https://notcve.org/view.php?id=CVE-2024-48074
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function. • https://github.com/Giles-one/Vigor2960Crack https://gist.github.com/Giles-one/6425e97dcd1ec97a722a1e20da25fad7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-39205
https://notcve.org/view.php?id=CVE-2024-39205
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request. • https://github.com/Marven11/CVE-2024-39205-Pyload-RCE https://github.com/Marven11/CVE-2024-39205-Pyload-RCE/tree/main https://github.com/pyload/pyload https://github.com/pyload/pyload/security/advisories/GHSA-r9pp-r4xf-597r - •