Skip to main content
CVE-2020-27373 HIGH POC This Week

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Icheck Connect Bp Monitor Bp Testing 118 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-27376 HIGH POC This Week

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Icheck Connect Bp Monitor Bp Testing 118 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-0935 HIGH POC PATCH This Week

Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Live Helper Chat
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-26627 HIGH POC This Week

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Online Project Time Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-27374 HIGH POC This Week

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Icheck Connect Bp Monitor Bp Testing 118 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-26670 HIGH This Week

D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

D-Link Command Injection Dir 878 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-25597 HIGH This Week

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-25596 HIGH This Week

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Rt Ac86U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-23973 HIGH This Week

ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Rt Ax56U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-23972 HIGH This Week

ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SQLi Rt Ax56U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2022-23971 HIGH This Week

ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Rt Ax56U Firmware
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2022-23970 HIGH This Week

ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Rt Ax56U Firmware
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2022-22515 HIGH This Week

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +14
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2022-22516 HIGH This Week

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Control Rte Sl Control Rte Sl For Beckhoff Cx Control Win Sl +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26675 HIGH This Week

aEnrich a+HRD has inadequate filtering for special characters in URLs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal A Hrd
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2022-22519 HIGH This Week

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +14
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-22517 HIGH This Week

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +16
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-0677 HIGH This Week

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Endpoint Security Tools Gravityzone Update Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-26671 HIGH This Week

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dr Id Access Control Dr Id Attendance System
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2022-22514 HIGH This Week

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +16
NVD
CVSS 3.1
7.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy