Skip to main content
CVE-2018-9059 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Easy File Sharing Web Server
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
77.3%
CVE-2018-8826 CRITICAL Act Now

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rt Ac51U Firmware Rt Ac58U Firmware Rt Ac66U Firmware Rt Ac1750 Firmware +9
NVD
CVSS 3.0
9.8
EPSS
4.3%
CVE-2018-1290 CRITICAL Act Now

In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, Using a single quotation escape with two continuous SQL parameters can cause a SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Apache Fineract
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-10238 CRITICAL PATCH Act Now

bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Bacnet Protocol Stack
NVD
CVSS 3.0
9.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy