Skip to main content
CVE-2018-3934 CRITICAL POC Act Now

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Yi Home Camera Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2018-17916 CRITICAL POC Act Now

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Indusoft Web Studio Edge Intouch Machine Edition 2014
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2018-17914 CRITICAL POC Act Now

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Indusoft Web Studio Edge Intouch Machine Edition 2014
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2018-17922 CRITICAL Act Now

Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Circarlife Firmware
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2018-17918 CRITICAL Act Now

Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Circarlife Firmware
NVD
CVSS 3.0
9.8
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy