Skip to main content
CVE-2018-10740 CRITICAL POC Act Now

Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code (contained in the webkeywords parameter) into the cmsconfig.php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE PHP Axublog
NVD GitHub
CVSS 3.0
9.8
EPSS
2.8%
CVE-2018-10562 CRITICAL POC KEV THREAT Act Now

An issue was discovered on Dasan GPON home routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gpon Router Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
99.9%
CVE-2018-10561 CRITICAL POC KEV THREAT Act Now

An issue was discovered on Dasan GPON home routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Gpon Router Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
92.9%
CVE-2018-10251 CRITICAL Act Now

A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Aleos
NVD
CVSS 3.0
9.8
EPSS
4.5%
CVE-2018-8869 CRITICAL Act Now

In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ids 2102 Firmware
NVD
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-8865 CRITICAL Act Now

In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Ids 2102 Firmware
NVD
CVSS 3.1
9.8
EPSS
5.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy