Skip to main content
CVE-2021-33514 CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +14
NVD
CVSS 3.1
9.8
EPSS
8.8%
CVE-2021-33509 CRITICAL PATCH Act Now

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Information Disclosure Plone
NVD
CVSS 3.1
9.9
EPSS
2.0%
CVE-2021-31474 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Network Performance Monitor
NVD
CVSS 3.1
9.8
EPSS
94.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy