Skip to main content

Iot Platform

3 CVEs product

Monthly

CVE-2022-35136 MEDIUM POC This Month

Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Iot Platform
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-35135 HIGH POC This Week

Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Iot Platform
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-35134 MEDIUM POC This Month

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iot Platform
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Iot Platform
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Iot Platform
NVD
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iot Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy