Skip to main content
CVE-2024-55591 CRITICAL POC KEV EUVD KEV THREAT CERT-EU Emergency

FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote attackers to gain super-admin privileges through crafted requests.

Node.js Authentication Bypass Fortinet Fortiproxy Fortios
NVD GitHub
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2024-13159 CRITICAL POC KEV THREAT Emergency

Ivanti Endpoint Manager contains an absolute path traversal vulnerability allowing unauthenticated remote attackers to leak sensitive information from the EPM server, one of three related Ivanti EPM path traversal CVEs.

Ivanti Path Traversal Endpoint Manager
NVD
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2024-13160 CRITICAL POC KEV THREAT Emergency

Ivanti Endpoint Manager contains a second absolute path traversal vulnerability for unauthenticated information disclosure, part of the triple path traversal affecting EPM's January 2025 security update.

Ivanti Path Traversal Endpoint Manager
NVD
CVSS 3.1
9.8
EPSS
93.5%
Threat
7.8
CVE-2024-13161 CRITICAL POC KEV THREAT Emergency

Ivanti Endpoint Manager contains a third absolute path traversal vulnerability for unauthenticated information disclosure, completing the triple path traversal set in the January 2025 security update.

Ivanti Path Traversal Endpoint Manager
NVD
CVSS 3.1
9.8
EPSS
92.5%
Threat
7.7
CVE-2024-48760 CRITICAL POC THREAT Emergency

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.5%.

RCE File Upload Gestioip
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
12.5%
CVE-2024-48884 CRITICAL Emergency

Arbitrary file write and folder deletion in Fortinet FortiManager, FortiOS, and FortiProxy is possible via a path traversal flaw in the security fabric interface, where a remote authenticated attacker can write arbitrary files and, more severely, a remote unauthenticated attacker can delete arbitrary folders. The flaw carries a CVSS 9.1 (I:H/A:H) and an unusually high EPSS of 39.29% (97th percentile), signaling elevated near-term exploitation likelihood, though no public exploit is identified and it is not yet in CISA KEV. Affected products span multiple FortiOS 6.4-7.6, FortiManager 7.4-7.6, FortiProxy 1.0-7.4, and FortiManager Cloud branches.

Fortinet Path Traversal Fortimanager Fortimanager Cloud Fortiproxy +4
NVD
CVSS 3.1
9.1
EPSS
39.3%
CVE-2023-37936 CRITICAL CERT-EU Act Now

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fortinet Fortiswitch
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-57483 CRITICAL Act Now

Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tenda Buffer Overflow I24 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-57473 CRITICAL Act Now

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow N12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-57482 CRITICAL Act Now

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow N12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-57479 CRITICAL Act Now

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow N12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-57471 CRITICAL Act Now

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow N12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-57480 CRITICAL Act Now

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow N12 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2024-35276 CRITICAL Act Now

Remote code execution in Fortinet FortiManager and FortiAnalyzer (plus their Cloud variants) arises from a stack-based buffer overflow (CWE-121) reachable via specially crafted packets, letting an attacker run unauthorized code or OS commands on the management appliance. Affected trains span 6.4, 7.0, 7.2, and 7.4 across on-prem and Cloud editions. The CVSS vector rates this 9.8 with PR:N (network, no authentication), though the low EPSS (0.17%, 38th percentile) and absence of KEV/POC signals indicate no public exploit identified at time of analysis despite the critical rating.

Stack Overflow Buffer Overflow Fortinet Fortianalyzer Fortianalyzer Cloud +2
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-54142 CRITICAL This Week

Discourse AI is a Discourse plugin which provides a number of AI features. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
9.0
EPSS
0.3%
CVE-2024-49375 CRITICAL PATCH This Week

Open source machine learning framework. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Code Injection
NVD GitHub
CVSS 3.1
9.0
EPSS
3.3%
CVE-2024-48856 CRITICAL This Week

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Qnx Software Development Platform
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-23025 CRITICAL PATCH This Week

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xwiki
NVD GitHub
CVSS 3.1
9.0
EPSS
2.2%
CVE-2025-21311 CRITICAL PATCH CERT-EU This Week

Windows NTLM V1 Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 11 24h2 Windows Server 2022 23h2 Windows Server 2025 +1
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2025-21307 CRITICAL PATCH CERT-EU This Week

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Memory Corruption Use After Free RCE Windows 10 1507 +15
NVD
CVSS 3.1
9.8
EPSS
9.3%
CVE-2025-21298 CRITICAL PATCH CERT-EU Act Now

Windows OLE Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 73.9%.

Microsoft Memory Corruption Use After Free RCE Windows 10 1507 +15
NVD
CVSS 3.1
9.8
EPSS
73.9%
CVE-2024-10811 CRITICAL POC Act Now

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Ivanti Path Traversal Endpoint Manager
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2024-39803 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2024-39802 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-39801 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-39800 CRITICAL POC Act Now

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-39799 CRITICAL POC Act Now

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-39798 CRITICAL POC Act Now

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-39795 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39794 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39793 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39790 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39789 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39788 CRITICAL POC Act Now

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-39787 CRITICAL POC Act Now

Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2024-39786 CRITICAL POC Act Now

Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2024-39785 CRITICAL POC Act Now

Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39784 CRITICAL POC Act Now

Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39783 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39782 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-39781 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39774 CRITICAL POC Act Now

A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2024-39770 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2024-39769 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-39768 CRITICAL POC Act Now

Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2024-39765 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39764 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-39763 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2024-39762 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2024-39761 CRITICAL POC Act Now

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Wl Wn533A8 Firmware
NVD
CVSS 3.1
10.0
EPSS
1.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy