Skip to main content
CVE-2014-8424 HIGH POC THREAT Act Now

ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 53.5%.

Authentication Bypass Vap2500 Firmware
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
53.5%
Threat
4.7
CVE-2014-8425 HIGH POC THREAT Act Now

The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.5%.

Information Disclosure Vap2500 Firmware
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
12.5%
CVE-2014-9089 HIGH POC PATCH This Week

Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Debian Linux Mantisbt
NVD GitHub
CVSS 2.0
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy