Skip to main content
CVE-2022-23334 CRITICAL Act Now

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Jwt Attack Newtest
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-23582 CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-24020 CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-24612 CRITICAL PATCH Act Now

The PdfBook extension through 2.0.5 before b07b6a64 for MediaWiki allows command injection via an option. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Command Injection Pdfbook
NVD
CVSS 3.1
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy