Skip to main content
CVE-2013-3632 HIGH POC THREAT Act Now

The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 78.9%.

PHP Privilege Escalation Openmediavault
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
78.9%
Threat
5.6
CVE-2013-3092 HIGH POC This Week

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass N300 Firmware N300
NVD
CVSS 2.0
8.3
EPSS
0.7%
CVE-2013-3066 HIGH POC This Week

Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Privilege Escalation Linksys Ea6500 Firmware Ea6500
NVD
CVSS 2.0
7.1
EPSS
0.2%
CVE-2014-3811 HIGH This Week

Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Privilege Escalation Microsoft Juniper Installer Service Client Junos Pulse Client
NVD
CVSS 2.0
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy