Skip to main content
CVE-2014-8387 CRITICAL POC THREAT Emergency

cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.4%.

Command Injection Eki 6340 Firmware Eki 6340
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
13.4%
CVE-2014-9002 CRITICAL POC Act Now

Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Xprintserver
NVD
CVSS 2.0
10.0
EPSS
3.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy