Skip to main content
CVE-2023-34048 CRITICAL POC KEV THREAT Emergency

VMware vCenter Server contains an out-of-bounds write in the DCERPC protocol implementation allowing unauthenticated remote code execution, exploited by Chinese APT groups for ESXi infrastructure compromise.

NVD
CVSS 3.1
9.8
EPSS
93.2%
Threat
9.8
CVE-2023-20273 HIGH POC KEV THREAT Act Now

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Apple Command Injection Ios Xe
NVD GitHub
CVSS 3.1
7.2
EPSS
89.6%
CVE-2023-5311 HIGH POC PATCH This Week

The WP EXtra plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the register() function in versions up to, and including, 6.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass RCE WordPress Wp Extra
NVD VulDB
CVSS 3.1
8.8
EPSS
6.6%
CVE-2023-46584 CRITICAL POC Act Now

SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Nipah Virus Testing Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-46424 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46423 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46422 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46421 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46420 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46419 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46418 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46417 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46416 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46415 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46414 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-46413 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46412 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46411 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46410 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46409 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46408 CRITICAL POC Act Now

TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-46574 CRITICAL POC THREAT Act Now

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection A3700r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
65.4%
CVE-2023-46564 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46563 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46562 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46560 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46559 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46558 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46557 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAPVLAN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46556 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46555 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46554 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46553 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46552 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46551 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46550 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46549 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46548 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-46547 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46546 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46545 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46544 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46543 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46542 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46541 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46540 CRITICAL POC Act Now

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow X2000r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46539 CRITICAL POC Act Now

TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow TP-Link Tl Wr886N Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46538 CRITICAL POC Act Now

TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow TP-Link Tl Wr886N Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46537 CRITICAL POC Act Now

TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getRegVeriRegister. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow TP-Link Tl Wr886N Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-46536 CRITICAL POC Act Now

TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkRegVeriRegister. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow TP-Link Tl Wr886N Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
Page 1 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy