Skip to main content
CVE-2023-30404 CRITICAL POC Act Now

Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Wireless N Repeater Mini Router Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2023-30845 CRITICAL POC PATCH Act Now

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Authentication Bypass Espv2
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-30363 CRITICAL POC PATCH Act Now

vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Prototype Pollution Vconsole
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-30211 CRITICAL POC Act Now

OURPHP <= 7.2.0 is vulnerable to SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ourphp
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-27843 CRITICAL POC Act Now

SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 and before allow a remote attacker to gain privileges via the QuotesProduct::deleteProduct component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ask For A Quote
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-30280 CRITICAL Act Now

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear R6900 Firmware R6700 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-29268 CRITICAL Act Now

The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that allows an unauthenticated remote attacker to upload or modify arbitrary files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Spotfire Statistics Services
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-24796 CRITICAL Act Now

Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 and before allows a remote attacker to execute arbitrary code via the password parameter at the /goform/sysTools and /adm/systools.asp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Wr Ac1200 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy