Skip to main content

Thinksystem Sr630 V3 Firmware

3 CVEs product

Monthly

CVE-2023-4608 HIGH This Week

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware Thinkagile Vx3331 Firmware Thinkagile Hx1331 Firmware +54
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2023-4607 HIGH This Week

An authenticated XCC user can change permissions for any user through a crafted API command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware Thinkagile Vx3331 Firmware Thinkagile Hx1331 Firmware +119
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-4606 HIGH This Week

An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware Thinkagile Vx3331 Firmware Thinkagile Hx1331 Firmware +54
NVD
CVSS 3.1
8.1
EPSS
0.5%
EPSS 0% CVSS 7.2
HIGH This Week

An authenticated XCC user with elevated privileges can perform blind SQL injection in limited cases through a crafted API command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware +56
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An authenticated XCC user can change permissions for any user through a crafted API command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware +121
NVD
EPSS 0% CVSS 8.1
HIGH This Week

An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted API command. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Thinkagile Hx5530 Firmware Thinkagile Hx7530 Firmware +56
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy