Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2020-25912 — Getsymphony Symphony: A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which
A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS). CVSSv3.1 9.1 (CRITICAL) · EPSS 69th percentile
CVE-2021-41646 — Janobe Online_reviewer_system: Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. CVSSv3.1 9.8 (CRITICAL) · EPSS 88th percentile
CVE-2021-31627 — Tendacn Ac9_firmware: Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. CVSSv3.1 8.8 (HIGH) · EPSS 65th percentile
CVE-2021-31624 — Tendacn Ac9_firmware: Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. CVSSv3.1 8.8 (HIGH) · EPSS 65th percentile
CVE-2021-29005 — Rconfig Rconfig: Insecure permission of chmod command on rConfig server 3.9.6 exists.
Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server. CVSSv3.1 8.8 (HIGH) · EPSS 76th percentile
CVE-2021-29004 — Rconfig Rconfig: 3.9.6 is affected by SQL Injection.
rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely. CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile
CVE-2020-21548 — Saitoha Libsixel: 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. CVSSv3.1 8.8 (HIGH)
CVE-2020-21547 — Saitoha Libsixel: 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. CVSSv3.1 8.8 (HIGH)
CVE-2021-41326 — Misp-project Misp: In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec
In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call. CVSSv3.1 9.8 (CRITICAL)
CVE-2021-36582 — Kooboo Kooboo_cms: In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx)
In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL. CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2021-36581 — Kooboo Kooboo_cms: CMS 2.1.1.0 is vulnerable to Insecure file upload.
Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
CVE-2021-39302 — Misp-project Misp: 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php $conditions['org'] value.
MISP 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php $conditions['org'] value. CVSSv3.1 9.8 (CRITICAL)
CVE-2019-25052 — Trustedfirmware Op-tee: In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information. CVSSv3.1 9.1 (CRITICAL) · EPSS 42th percentile
CVE-2021-33485 — Codesys Control: Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. CVSSv3.1 9.8 (CRITICAL) · EPSS 60th percentile
CVE-2020-18171 — Techsmith Snagit: 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to
TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges. NOTE: This implies that Snagit's use of OLE is a security vulnerability unto itself and it is not. See reference document for more details. CVSSv3.1 8.8 (HIGH) · EPSS 12th percentile
CVE-2021-22779 — Schneider-electric Ecostruxure_control_expert: Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unautho CVSSv3.1 9.1 (CRITICAL) · EPSS 41th percentile
CVE-2021-33012 — Rockwellautomation Micrologix_1100_firmware: Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted
Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted commands to cause the PLC to fault when the controller is switched to RUN mode, which results in a denial-of-service condition. If successfully exploited, this vulnerability will cause the controller to fault whenever the controller is switched to RUN mode. CVSSv3.1 8.6 (HIGH) · EPSS 86th percentile
CVE-2021-35502 — Misp-project Misp: app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index.
app/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index. CVSSv3.1 9.8 (CRITICAL) · EPSS 61th percentile
CVE-2021-34203 — Dlink Dir-2640-us_firmware: D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control.
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a CVSSv3.1 8.1 (HIGH) · EPSS 73th percentile
CVE-2021-22768 — Schneider-electric Powerlogic_egx100_firmware: A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer)
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-22767 CVSSv3.1 9.8 (CRITICAL) · EPSS 74th percentile
CVE-2021-22767 — Schneider-electric Powerlogic_egx100_firmware: A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer)
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-2276 CVSSv3.1 9.8 (CRITICAL) · EPSS 74th percentile
CVE-2021-22765 — Schneider-electric Powerlogic_egx100_firmware: A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer)
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2021-22763 — Schneider-electric Powerlogic_pm5560_firmware: A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device. CVSSv3.1 9.8 (CRITICAL) · EPSS 50th percentile
CVE-2021-31659 — Tp-link Tl-sg2005_firmware: 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF).
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with. CVSSv3.1 8.8 (HIGH) · EPSS 44th percentile
CVE-2021-31658 — Tp-link Tl-sg2005_firmware: TL-SG2005, TL-SG2008, etc.
TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the "device description" function only judges the length of the received data, and does not filter special characters. This vulnerability will cause the application to crash, and all device configuration information will be erased. CVSSv3.1 8.1 (HIGH) · EPSS 60th percentile