Skip to main content

Gateway

55 CVEs product

Monthly

CVE-2026-22771 Go HIGH POC PATCH This Week

Credential theft via Lua script execution in Envoy Gateway versions before 1.5.7 and 1.6.2 allows authenticated attackers to extract proxy credentials and subsequently access the control plane and all associated secrets including TLS private keys. Public exploit code exists for this vulnerability. Affected organizations running vulnerable Envoy Gateway instances should immediately upgrade as no patch is currently available for intermediate versions.

Kubernetes Gateway Code Injection RCE
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-66405 npm CRITICAL PATCH Act Now

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.

SSRF Gateway
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-25294 Go MEDIUM PATCH This Month

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Kubernetes Gateway Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-24030 Go HIGH PATCH This Month

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Path Traversal Kubernetes Gateway Red Hat Suse
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-24488 MEDIUM POC THREAT This Month

Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Gateway Application Delivery Controller
NVD
CVSS 3.1
6.1
EPSS
80.9%
CVE-2023-24487 HIGH This Week

Arbitrary file read in Citrix ADC and Citrix Gateway. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Citrix Application Delivery Controller Gateway
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-27516 CRITICAL Act Now

User login brute force protection functionality bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-27513 CRITICAL Act Now

Remote desktop takeover via phishing. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
9.6
EPSS
0.3%
CVE-2022-27510 CRITICAL Act Now

Unauthorized access to Gateway user capabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-38368 HIGH This Week

An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Gateway
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-27509 MEDIUM This Month

Unauthenticated redirection to a malicious website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Gateway Application Delivery Controller Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-30792 HIGH This Week

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Sl Control For Linux Sl +15
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-30791 HIGH This Week

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Sl Control For Linux Sl +15
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-31805 HIGH This Week

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Development System Edge Gateway Gateway Hmi Sl +6
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-31804 HIGH This Week

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gateway
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-31803 MEDIUM This Month

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gateway
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2022-31802 CRITICAL Act Now

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gateway
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-22517 HIGH This Week

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +16
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-22514 HIGH This Week

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl Control For Iot2000 Sl +16
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2022-22513 MEDIUM This Month

An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Control For Beaglebone Sl Control For Beckhoff Cx9020 Control For Empc A Imx6 Sl +17
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-22956 HIGH This Week

An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway Sd Wan
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-22955 HIGH This Week

A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-22927 HIGH This Week

A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Citrix Session Fixation Application Delivery Controller Firmware Gateway +1
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2021-22920 MEDIUM This Month

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Application Delivery Management Gateway
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-22919 HIGH This Week

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway Netscaler Gateway +1
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-36764 HIGH This Week

In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gateway
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-29242 HIGH This Week

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl Control For Linux Arm Sl +18
NVD
CVSS 3.1
7.3
EPSS
1.1%
CVE-2021-29241 HIGH This Week

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-8247 HIGH This Week

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware Gateway Netscaler Gateway +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-8246 HIGH This Week

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware Gateway Netscaler Gateway +1
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-8245 MEDIUM This Month

Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware Gateway Netscaler Gateway
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-12714 MEDIUM POC PATCH This Month

An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Gateway Webmail Messenger
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2020-12713 HIGH POC PATCH This Week

An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Gateway Webmail Messenger
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2020-13417 CRITICAL POC Act Now

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure OpenSSL Microsoft Apple Controller +2
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-13414 HIGH POC This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Controller Gateway
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-11543 CRITICAL POC Act Now

OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Gateway
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-7052 MEDIUM POC This Month

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Control For Linux +11
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2019-9009 HIGH This Week

An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 Control For Iot2000 Control For Pfc100 +10
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-9012 HIGH This Week

An issue was discovered in 3S-Smart CODESYS V3 products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl Control For Linux Sl +6
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-9010 CRITICAL Act Now

An issue was discovered in 3S-Smart CODESYS V3 products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Empc A Imx6 Sl Control For Iot2000 Sl Control For Linux Sl +6
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-0338 MEDIUM This Month

During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Gateway
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2019-0319 HIGH POC This Week

The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection SAP Gateway Ui5
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2012-1461 MEDIUM This Month

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 83.9% and no vendor patch available.

Privilege Escalation Fortinet Vba32 Command Antivirus Avg Anti Virus +17
NVD
CVSS 2.0
4.3
EPSS
83.9%
CVE-2012-1459 MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Avast Antivirus +33
NVD
CVSS 2.0
4.3
EPSS
79.5%
CVE-2012-1457 MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.8% and no vendor patch available.

Privilege Escalation Microsoft Esafe Avast Antivirus Vba32 +25
NVD
CVSS 2.0
4.3
EPSS
50.8%
CVE-2012-1456 MEDIUM This Month

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.2% and no vendor patch available.

Privilege Escalation Fortinet Esafe Avg Anti Virus Quick Heal +18
NVD
CVSS 2.0
4.3
EPSS
18.2%
CVE-2012-1454 MEDIUM This Month

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Dr Web Antivirus Fortinet Antivirus +4
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2012-1453 MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft Avl Sdk Etrust Vet Antivirus +13
NVD
CVSS 2.0
4.3
EPSS
78.5%
CVE-2012-1446 MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Avl Sdk Etrust Vet Antivirus +12
NVD
CVSS 2.0
4.3
EPSS
2.5%
CVE-2012-1443 MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Esafe +34
NVD
CVSS 2.0
4.3
EPSS
50.2%
CVE-2012-1442 MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe Avl Sdk Quick Heal +9
NVD
CVSS 2.0
4.3
EPSS
2.8%
CVE-2012-1431 MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Command Antivirus Bitdefender Comodo Antivirus +6
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-1430 MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Bitdefender Comodo Antivirus Anti Virus +5
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-1429 MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Comodo Antivirus Anti Malware F Secure Anti Virus +5
NVD
CVSS 2.0
4.3
EPSS
5.1%
CVE-2012-1425 MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.2% and no vendor patch available.

Privilege Escalation Fortinet Avl Sdk Antivir Quick Heal +13
NVD
CVSS 2.0
4.3
EPSS
54.2%
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Credential theft via Lua script execution in Envoy Gateway versions before 1.5.7 and 1.6.2 allows authenticated attackers to extract proxy credentials and subsequently access the control plane and all associated secrets including TLS private keys. Public exploit code exists for this vulnerability. Affected organizations running vulnerable Envoy Gateway instances should immediately upgrade as no patch is currently available for intermediate versions.

Kubernetes Gateway Code Injection +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.

SSRF Gateway
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Kubernetes Gateway +2
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Month

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Path Traversal Kubernetes Gateway +2
NVD GitHub
EPSS 81% CVSS 6.1
MEDIUM POC THREAT This Month

Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Gateway +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Arbitrary file read in Citrix ADC and Citrix Gateway. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Citrix Application Delivery Controller +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

User login brute force protection functionality bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gateway Application Delivery Controller Firmware
NVD
EPSS 0% CVSS 9.6
CRITICAL Act Now

Remote desktop takeover via phishing. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gateway Application Delivery Controller Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthorized access to Gateway user capabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gateway Application Delivery Controller Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Gateway
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Unauthenticated redirection to a malicious website. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Gateway Application Delivery Controller Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 +17
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 +17
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Development System Edge Gateway +8
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gateway
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gateway
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gateway
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Control For Beaglebone Sl Control For Beckhoff Cx9020 +18
NVD
EPSS 1% CVSS 7.1
HIGH This Week

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Sl Control For Beckhoff Cx9020 +18
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Control For Beaglebone Sl +19
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Citrix Session Fixation +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Application Delivery Management +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Gateway
NVD
EPSS 1% CVSS 7.3
HIGH This Week

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Empc A Imx6 Sl +20
NVD
EPSS 0% CVSS 7.5
HIGH This Week

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Control For Beaglebone Sl +10
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Citrix Application Delivery Controller Firmware +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware +2
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Gateway Webmail Messenger
NVD
EPSS 3% CVSS 7.2
HIGH POC PATCH This Week

An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Gateway Webmail Messenger
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure OpenSSL Microsoft +4
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Controller Gateway
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Gateway
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 +13
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Control For Empc A Imx6 +12
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in 3S-Smart CODESYS V3 products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Control For Beaglebone Sl Control For Empc A Imx6 Sl +8
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in 3S-Smart CODESYS V3 products. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Control For Beaglebone Sl Control For Empc A Imx6 Sl +8
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Gateway
NVD
EPSS 3% CVSS 7.5
HIGH POC This Week

The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection SAP Gateway +1
NVD
EPSS 84% CVSS 4.3
MEDIUM This Month

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 83.9% and no vendor patch available.

Privilege Escalation Fortinet Vba32 +19
NVD
EPSS 80% CVSS 4.3
MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +35
NVD
EPSS 51% CVSS 4.3
MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.8% and no vendor patch available.

Privilege Escalation Microsoft Esafe +27
NVD
EPSS 18% CVSS 4.3
MEDIUM This Month

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.2% and no vendor patch available.

Privilege Escalation Fortinet Esafe +20
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +6
NVD
EPSS 78% CVSS 4.3
MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +15
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +14
NVD
EPSS 50% CVSS 4.3
MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +36
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Fortinet Esafe +11
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Command Antivirus +8
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Bitdefender +7
NVD
EPSS 5% CVSS 4.3
MEDIUM This Month

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Esafe Comodo Antivirus +7
NVD
EPSS 54% CVSS 4.3
MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 54.2% and no vendor patch available.

Privilege Escalation Fortinet Avl Sdk +15
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy