Skip to main content

CWE-249

DEPRECATED: Often Misused: Path Manipulation

4 CVEs Avg CVSS 8.1 MITRE
1
CRITICAL
3
HIGH
0
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2023-33878 HIGH PATCH This Week

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Microsoft Audio Install Package
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-32655 HIGH PATCH This Week

Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Microsoft Usb Type C Power Delivery Controller
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2023-32278 HIGH PATCH This Week

Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc Uniwill Service Driver
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2019-3932 CRITICAL POC THREAT Act Now

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Am 100 Firmware Am 101 Firmware
NVD
CVSS 3.1
9.8
EPSS
36.3%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an authenticated. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Microsoft +1
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc Uniwill Service Driver
NVD
EPSS 36% CVSS 9.8
CRITICAL POC THREAT Act Now

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Am 100 Firmware Am 101 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy