Skip to main content

Take Control

2 CVEs product

Monthly

CVE-2023-27470 HIGH POC This Week

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Information Disclosure Take Control
NVD GitHub
CVSS 3.1
7.0
EPSS
0.5%
CVE-2012-2341 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Take Control
NVD
CVSS 2.0
6.8
EPSS
0.3%
EPSS 1% CVSS 7.0
HIGH POC This Week

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Information Disclosure Take Control
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Take Control
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy