Skip to main content
CVE-2022-26147 CRITICAL POC Act Now

The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Rg502Q Ea Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-29775 CRITICAL POC THREAT Act Now

iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ispy
NVD GitHub
CVSS 3.1
9.8
EPSS
60.7%
CVE-2022-29774 CRITICAL POC Act Now

iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ispy
NVD GitHub
CVSS 3.1
9.8
EPSS
5.5%
CVE-2022-31374 CRITICAL POC Act Now

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Sv Cpt Mc310 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-31800 CRITICAL POC Act Now

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Axc 1050 Firmware Axc 1050 Xc Firmware Axc 3050 Firmware Fc 350 Pci Eth Firmware +13
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-33139 CRITICAL Act Now

A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cerberus Dms Desigo Cc Desigo Cc Compact Wincc Open Architecture
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-31801 CRITICAL Act Now

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Multiprog Proconos Proconos Eclr
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy