Skip to main content
CVE-2022-24562 CRITICAL POC THREAT Emergency

In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 53.9%.

RCE Authentication Bypass Iotransfer
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
53.9%
Threat
5.1
CVE-2022-31384 CRITICAL POC Act Now

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Directory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-31383 CRITICAL POC Act Now

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Directory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-31382 CRITICAL POC Act Now

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Directory Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-2098 CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Brute Force Information Disclosure Titra
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-30329 CRITICAL Act Now

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Tew 831Dr Firmware
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-33754 CRITICAL Act Now

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ca Automic Automation
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-33752 CRITICAL Act Now

CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Ca Automic Automation
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-33750 CRITICAL Act Now

CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ca Automic Automation
NVD
CVSS 3.1
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy