Skip to main content
CVE-2022-38555 CRITICAL POC THREAT Emergency

Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.2%.

Memory Corruption Buffer Overflow Linksys E1200 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
12.2%
CVE-2022-37053 CRITICAL POC Act Now

TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Code Injection PHP Tew733Gr Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
2.6%
CVE-2022-36708 CRITICAL POC Act Now

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /student/bookdetails.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Library Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36706 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_stockout.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36705 CRITICAL POC Act Now

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_waste.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredients Stock Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-37056 CRITICAL POC THREAT Act Now

D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD
CVSS 3.1
9.8
EPSS
10.3%
CVE-2022-37055 CRITICAL POC KEV THREAT Act Now

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Go Rt Ac750 Firmware
NVD
CVSS 3.1
9.8
EPSS
57.0%
CVE-2022-38556 CRITICAL POC Act Now

Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Tew733Gr Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37057 CRITICAL POC THREAT Act Now

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Go Rt Ac750 Firmware
NVD
CVSS 3.1
9.8
EPSS
25.1%
CVE-2022-36756 CRITICAL POC Act Now

DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection PHP Code Injection Dir 845L Firmware
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2022-36755 CRITICAL POC Act Now

D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass PHP Dir 845L Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-38557 CRITICAL Act Now

D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

D-Link Authentication Bypass Dir 845L Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy