Skip to main content

Viaware

3 CVEs product

Monthly

CVE-2021-36356 CRITICAL POC THREAT Act Now

KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Viaware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
54.4%
CVE-2021-35064 CRITICAL POC THREAT Act Now

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Viaware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
70.8%
CVE-2019-17124 CRITICAL POC THREAT Act Now

Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Viaware
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
22.5%
EPSS 54% CVSS 9.8
CRITICAL POC THREAT Act Now

KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD Exploit-DB
EPSS 71% CVSS 9.8
CRITICAL POC THREAT Act Now

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Viaware
NVD Exploit-DB
EPSS 23% CVSS 9.8
CRITICAL POC THREAT Act Now

Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Viaware
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy