Skip to main content
CVE-2018-11714 CRITICAL POC THREAT Act Now

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure TP-Link Tl Wr840N Firmware Tl Wr841n Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
36.5%
CVE-2018-11711 CRITICAL POC Act Now

A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mf210 Firmware Mf220 Firmware
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
5.3%
CVE-2018-11692 CRITICAL POC Act Now

An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lbp3370 Firmware Lbp3460 Firmware Lbp7750C Firmware Lbp6650 Firmware
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
4.6%
CVE-2018-10611 CRITICAL Act Now

Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass RCE Mds Pulsenet
NVD
CVSS 3.0
9.8
EPSS
5.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy