Skip to main content
CVE-2024-41473 CRITICAL POC Act Now

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Fh1201 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
6.7%
CVE-2024-38289 CRITICAL POC THREAT Act Now

A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Turbomeeting
NVD GitHub
CVSS 3.1
9.8
EPSS
40.9%
CVE-2024-41468 CRITICAL Act Now

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Command Injection Fh1201 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
4.6%
CVE-2024-24621 CRITICAL Act Now

Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webuzo
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-38287 CRITICAL Act Now

The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Turbomeeting
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy