Skip to main content

Wapples

4 CVEs product

Monthly

CVE-2022-35582 HIGH This Week

Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wapples
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-35413 CRITICAL POC PATCH THREAT Act Now

WAPPLES through 6.0 has a hardcoded systemi account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Wapples
NVD
CVSS 3.1
9.8
EPSS
12.5%
CVE-2022-31324 MEDIUM This Month

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wapples
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-31322 HIGH This Week

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Wapples
NVD
CVSS 3.1
7.8
EPSS
0.3%
EPSS 1% CVSS 8.8
HIGH This Week

Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wapples
NVD
EPSS 12% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

WAPPLES through 6.0 has a hardcoded systemi account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Wapples
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wapples
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Wapples
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy