Skip to main content
CVE-2022-37072 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanLinkspyMulti. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37071 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateOne2One. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37070 CRITICAL POC THREAT Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
10.6%
CVE-2022-37069 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37068 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37067 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37066 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateDDNS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36520 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36519 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function AddWlanMacList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36518 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditWlanMacList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36517 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function debug_wlan_advance. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36516 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36515 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function addactionlist. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36514 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function WanModeSetMultiWan. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36513 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-36511 CRITICAL POC Act Now

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-2957 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple And Nice Shopping Cart Script
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-34960 CRITICAL POC Act Now

The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mikrotik Routeros
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-36721 HIGH POC This Week

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36720 HIGH POC This Week

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/modify1.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36703 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36701 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36700 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36699 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36698 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-31269 HIGH POC This Week

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Emerge E3 Firmware
NVD GitHub
CVSS 3.1
8.2
EPSS
5.1%
CVE-2022-2997 HIGH POC PATCH This Week

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Snipe It
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2022-2982 HIGH POC PATCH This Week

Use After Free in GitHub repository vim/vim prior to 9.0.0260. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Vim Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-37824 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37823 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetVirtualSer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37822 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37821 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ProvinceCode parameter in the function formSetProvince. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37820 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37819 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37818 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37817 HIGH POC This Week

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ax1803 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37084 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37083 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37082 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37081 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37080 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37079 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2022-37078 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Command Injection Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-37077 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-36455 HIGH POC This Week

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A3600r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37076 HIGH POC This Week

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-37075 HIGH POC This Week

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow A7000r Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-37074 HIGH POC This Week

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Gr 1200W Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-36510 HIGH POC THREAT This Week

H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gr2200 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
12.3%
CVE-2022-36509 HIGH POC THREAT This Week

H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gr3200 Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
12.3%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy