Skip to main content
CVE-2021-36707 CRITICAL POC Act Now

In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Prc2402M Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-36706 CRITICAL POC Act Now

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Prc2402M Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-36705 CRITICAL POC Act Now

In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Prc2402M Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-36351 CRITICAL POC Act Now

SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hospital Information Management System
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-37388 CRITICAL POC Act Now

A buffer overflow in D-Link DIR-615 C2 3.03WW. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link RCE Dir 615 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2021-26606 CRITICAL Act Now

A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Magicline4Nx Exe
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-37544 CRITICAL Act Now

In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Teamcity
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-36209 CRITICAL Act Now

In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hub
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-20597 CRITICAL Act Now

Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubishi Electric MELSEC iQ-R. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass R08Sfcpu Firmware R16Sfcpu Firmware R32Sfcpu Firmware R120Sfcpu Firmware +4
NVD
CVSS 3.1
9.1
EPSS
2.2%
CVE-2021-37549 CRITICAL Act Now

In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Youtrack
NVD
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy