Skip to main content
CVE-2021-33543 CRITICAL POC THREAT Emergency

Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Authentication Bypass G Cam Ebc 2110 Firmware G Cam Ebc 2111 Firmware G Cam Efd 2241 Firmware +13
NVD
CVSS 3.1
9.8
EPSS
82.1%
CVE-2021-38833 CRITICAL POC Act Now

SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Apartment Visitors Management System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-3666 CRITICAL POC PATCH Act Now

body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Xml Body Parser
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-24493 CRITICAL POC Act Now

The shopp_upload_file AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Shopp
NVD WPScan
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-40870 CRITICAL POC KEV THREAT Act Now

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal File Upload Controller
NVD
CVSS 3.1
9.8
EPSS
93.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy