Skip to main content
CVE-2024-30867 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30858 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE SQLi Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30865 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30868 CRITICAL POC Act Now

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE SQLi Ns Asg Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-1863 CRITICAL Act Now

Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi RCE Sante Pacs Server
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2024-29433 CRITICAL Act Now

A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Alldata
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25574 CRITICAL Act Now

SQL injection vulnerability exists in GetDIAE_usListParameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Diaenergie
NVD
CVSS 3.1
9.8
EPSS
8.8%
CVE-2024-21473 CRITICAL Act Now

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Fastconnect 6900 Firmware +123
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-21463 CRITICAL Act Now

Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +101
NVD
CVSS 3.1
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy