Skip to main content
CVE-2021-33346 CRITICAL POC Act Now

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dsl 2888A Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-31649 CRITICAL POC Act Now

In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerable to remote code execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Redis Jfinal
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-29954 CRITICAL POC Act Now

Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Hubs Cloud Reticulum
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2021-28800 CRITICAL Act Now

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts
NVD
CVSS 3.1
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy