Skip to main content
CVE-2017-9248 CRITICAL POC KEV THREAT Emergency

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

XSS
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
87.8%
Threat
7.6
CVE-2017-8116 CRITICAL POC Act Now

The management interface for the Teltonika RUT9XX routers (aka LuCI) with firmware 00.03.265 and earlier allows remote attackers to execute arbitrary commands with root privileges via shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Rut900 Firmware Rut905 Firmware Rut950 Firmware Rut955 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
7.5%
CVE-2017-7919 CRITICAL Act Now

An Improper Authentication issue was discovered in Newport XPS-Cx and XPS-Qx. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xps Cx Firmware Xps Qx Firmware
NVD
CVSS 3.0
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy