Skip to main content
CVE-2018-5726 CRITICAL POC THREAT Act Now

MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Master Ip Camera01 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
19.8%
CVE-2018-5724 CRITICAL POC THREAT Act Now

MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Master Ip Camera01 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
11.5%
CVE-2018-5723 CRITICAL POC Act Now

MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Master Ip Camera01 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
9.7%
CVE-2018-5704 CRITICAL POC Act Now

Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Debian Linux Open On Chip Debugger
NVD
CVSS 3.0
9.6
EPSS
4.6%
CVE-2018-5299 CRITICAL PATCH Act Now

A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Ivanti RCE Buffer Overflow Pulse Connect Secure +1
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2018-5703 CRITICAL Act Now

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Linux Denial Of Service Buffer Overflow Linux Kernel
NVD
CVSS 3.1
9.8
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy