Skip to main content
CVE-2020-28347 CRITICAL POC THREAT Emergency

tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection TP-Link Ac1750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
73.8%
CVE-2020-28340 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-28343 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-28342 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-28341 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-7764 HIGH PATCH This Week

This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Denial Of Service Find My Way
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-28345 HIGH This Week

An issue was discovered on LG mobile devices with Android OS 10 software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Null Pointer Dereference Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-28344 HIGH This Week

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Null Pointer Dereference Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy