Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-31729 — Totolink A3300r_firmware: A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi.
TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi. CVSSv3.1 9.8 (CRITICAL) · EPSS 75th percentile
CVE-2023-2745 — Wordpress Wordpress: Core is vulnerable to Directory Traversal in versions up to, and including, 6.2
WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack. CVSSv3.1 5.4 (MEDIUM) · EPSS 99th percentile
CVE-2023-2706 — Xootix Otp_login_woocommerce_\&_gravity_forms: The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication
The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it possible for unauthenticated attackers to obtain login codes for administrators. This does require an attacker have access to the phone number configured for an account, which can be obtained via social CVSSv3.1 8.1 (HIGH) · EPSS 82th percentile
CVE-2023-2499 — Metagauss Registrationmagic: The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. This is due to insufficient verification on the user being supplied during a Google social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
CVE-2023-27823 — Optoma 1080pstx: An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2023-29863 — Medisys Weblab: Products v19.4.03 was discovered to contain a SQL injection vulnerability via the
Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-30185 — Crmeb Crmeb: v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via
CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 68th percentile
CVE-2023-30242 — Netentsec Application_security_gateway: NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php.
NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 50th percentile
CVE-2023-23059 — Geovision Gv-edge_recording_manager: An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains
An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
CVE-2023-29778 — Gl-inet Gl-mt3000_firmware: GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread. CVSSv3.1 9.8 (CRITICAL) · EPSS 97th percentile
CVE-2023-27973 — Hp Laserjet_pro_m304-m305_w1a46a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote
Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
CVE-2023-27972 — Hp Laserjet_pro_m304-m305_w1a46a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
CVE-2023-27971 — Hp Laserjet_pro_m304-m305_w1a46a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. CVSSv3.1 9.8 (CRITICAL) · EPSS 55th percentile
CVE-2022-47758 — Nanoleaf Nanoleaf_firmware: firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary
Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack. CVSSv3.1 9.8 (CRITICAL) · EPSS 68th percentile
CVE-2023-2297 — Cozmoslabs Profile_builder: The Profile Builder – User Profile & User Registration Forms plugin for WordPress is
The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (wppb_front_end_password_recovery). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently us CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile
CVE-2023-30404 — Aigital Wireless-n_repeater_mini_router_firmware: Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE)
Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request. CVSSv3.1 9.8 (CRITICAL) · EPSS 82th percentile
CVE-2022-46640 — Nanoleaf Nanoleaf_desktop: Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which
Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request. CVSSv3.1 9.8 (CRITICAL) · EPSS 82th percentile
CVE-2023-1873 — Faturamatik Bircard: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Faturamatik Bircard allows SQL Injection.This issue affects Bircard: before 23.04.05. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile
CVE-2023-1723 — Vegayazilim Mobile_assistant: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veragroup Mobile Assistant allows SQL Injection.This issue affects Mobile Assistant: before 21.S.2343. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile
CVE-2023-2027 — Zm_ajax_login_\&_register_project Zm_ajax_login_\&_register: The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. CVSSv3.1 9.8 (CRITICAL) · EPSS 62th percentile
CVE-2023-1833 — Redline Router_firmware: Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication
Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-1803 — Redline Router_firmware: Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication
Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: before 7.17. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-1863 — Eskom El_terminali_\(su_okuma\)_uygulamalarimiz: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eskom Water Metering Software allows Command Line Execution through SQL Injection.This issue affects Water Metering Software: before 23.04.06. CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2023-27667 — Auto_dealer_management_system_project Auto_dealer_management_system: Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability.
Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability. CVSSv3.1 9.8 (CRITICAL) · EPSS 50th percentile
CVE-2023-27779 — Amsystem Am_presencia: AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user
AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form. CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile