Skip to main content
CVE-2023-30065 HIGH POC This Week

MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Gpt 2741Gnac N2 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-2552 HIGH POC PATCH This Week

Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Bumsys
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-2551 HIGH POC PATCH This Week

PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

LFI PHP Information Disclosure Bumsys
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-32235 HIGH POC PATCH THREAT This Week

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Ghost
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
39.1%
CVE-2023-29963 HIGH POC This Week

S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP S Cms
NVD GitHub
CVSS 3.1
7.2
EPSS
1.6%
CVE-2023-2554 HIGH POC PATCH THREAT This Week

External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Bumsys
NVD GitHub
CVSS 3.1
7.2
EPSS
29.1%
CVE-2023-28068 HIGH This Week

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Command Monitor
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-30243 HIGH This Week

Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Application Security Gateway
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-29350 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Microsoft Edge Chromium
NVD
CVSS 3.1
7.5
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy