Skip to main content
CVE-2019-7276 CRITICAL POC THREAT Emergency

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Enterprise Proton
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
93.4%
CVE-2019-7274 CRITICAL POC THREAT Act Now

Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Enterprise Proton
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
29.0%
CVE-2019-7667 CRITICAL POC Act Now

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Flexair
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-13131 CRITICAL POC Act Now

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote attackers to execute arbitrary commands via NRPE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Superdoctor 5
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
3.6%
CVE-2019-7271 CRITICAL Act Now

Nortek Linear eMerge 50P/5000P devices have Default Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Linear Emerge 50P Firmware Linear Emerge 5000P Firmware
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2019-5497 CRITICAL Act Now

NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aff A700S Firmware Clustered Data Ontap
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2019-10979 CRITICAL Act Now

SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Msc800 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2019-7668 CRITICAL Act Now

Prima Systems FlexAir devices have Default Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Flexair
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2019-4336 CRITICAL PATCH Act Now

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.1
9.8
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy