CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2023-24709 – Paradox Security Systems IPR512 - Denial Of Service
https://notcve.org/view.php?id=CVE-2023-24709
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters. Paradox Security Systems version IPR512 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/51356 https://github.com/DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC http://packetstormsecurity.com/files/171783/Paradox-Security-Systems-IPR512-Denial-Of-Service.html https://github.com/SlashXzerozero/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 https://github.com/sunktitanic/Injection-vulnerability-in-Paradox-Security-Systems-IPR512 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25189
https://notcve.org/view.php?id=CVE-2020-25189
The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). El producto afectado es vulnerable a tres desbordamientos de búfer en la región stack de la memoria , lo que puede permitir a un atacante no autenticado ejecutar remotamente código arbitrario en el IP150 (versiones de firmware 5.02.09) • https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25185
https://notcve.org/view.php?id=CVE-2020-25185
The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). El producto afectado es vulnerable a cinco desbordamientos de búfer posteriores a la autenticación, lo que puede permitir a un usuario que haya iniciado sesión ejecutar remotamente código arbitrario en el IP150 (versiones de firmware 5.02.09) • https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •