Skip to main content
CVE-2018-15534 CRITICAL POC THREAT Act Now

Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Re Porter 16 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
32.4%
CVE-2018-6692 CRITICAL Act Now

Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Wemo Insight Smart Plug Firmware
NVD
CVSS 3.1
10.0
EPSS
3.7%
CVE-2018-15601 CRITICAL PATCH Act Now

apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure PHP Elefantcms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy