Skip to main content
CVE-2015-2857 CRITICAL POC THREAT Emergency

Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.7%.

RCE Command Injection File Transfer Appliance
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
86.7%
Threat
6.1
CVE-2017-12786 CRITICAL POC THREAT Emergency

Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 28.6%.

Buffer Overflow RCE Noviware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
28.6%
Threat
4.3
CVE-2017-12785 CRITICAL POC THREAT Emergency

The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Buffer Overflow RCE Command Injection Noviware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
24.1%
Threat
4.2
CVE-2017-12787 CRITICAL POC THREAT Emergency

A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.1%.

Buffer Overflow RCE Noviware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
19.1%
Threat
4.0
CVE-2015-6473 CRITICAL POC Act Now

WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 750 849 Firmware 758 870 Firmware
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2015-6472 CRITICAL POC Act Now

WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass 750 849 Firmware 750 881 Firmware 758 870 Firmware
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2016-4460 CRITICAL PATCH Act Now

Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Pony Mail
NVD
CVSS 3.0
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy