Skip to main content
CVE-2016-8721 CRITICAL POC Act Now

An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Awk 3131A Firmware
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2016-5762 CRITICAL Act Now

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Buffer Overflow Groupwise
NVD
CVSS 3.0
9.8
EPSS
8.4%
CVE-2016-1219 CRITICAL Act Now

Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.0
9.8
EPSS
3.9%
CVE-2017-5158 CRITICAL Act Now

An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Wonderware Intouch Access Anywhere
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy