Skip to main content
CVE-2021-46354 HIGH POC THREAT Act Now

Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.6%.

Information Disclosure Thinfinity Virtualui
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
15.6%
CVE-2021-41442 HIGH This Week

An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling D-Link Dir X1860 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
4.6%
CVE-2022-22709 HIGH This Week

VP9 Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Vp9 Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2021-41441 HIGH PATCH This Week

A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

D-Link Information Disclosure Dir X1860 Firmware
NVD VulDB
CVSS 3.1
7.4
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy