Fallos del tipo CWE-912

79 resultados

CVE-2024-20439CRITICALA vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by usEPSS 92.0%KEV CVE-2025-34117CRITICALNetcore / Netis Routers RCE via UDP Port 53413 BackdoorEPSS 22.9%CVE-2021-24867—Backdoored Plugins & Themes from AccessPress ThemesEPSS 18.9%CVE-2024-6045HIGHD-Link router - Hidden BackdoorEPSS 6.3%CVE-2020-16204—The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as EPSS 5.5%CVE-2010-20103CRITICALProFTPD 1.3.3c Backdoor Command ExecutionEPSS 4.8%CVE-2020-12504CRITICALPepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx productsEPSS 3.0%CVE-2020-14487CRITICALOpenClinic GAEPSS 2.2%CVE-2022-38452HIGHA command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-craftEPSS 2.1%CVE-2022-36429HIGHA command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A speciaEPSS 2.0%CVE-2020-28593HIGHA unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially EPSS 1.9%CVE-2011-10018CRITICALmyBB 1.6.4 Backdoor Arbitrary Command ExecutionEPSS 1.9%CVE-2023-24108CRITICALMvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.EPSS 1.4%CVE-2025-32370HIGHKentico Xperience before 13.0.178 has a specific set of allowed ContentUploader file extensions for unauthenticated uploads; however, becausEPSS 1.3%CVE-2021-4229MEDIUMua-parser-js Crypto Mining backdoorEPSS 1.3%CVE-2022-46996CRITICALvSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package.EPSS 1.3%CVE-2025-27840MEDIUMEspressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).EPSS 1.3%CVE-2024-39754CRITICALA static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network pacEPSS 1.3%CVE-2022-47767CRITICALA backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This afEPSS 1.2%CVE-2021-43987CRITICALmySCADA myPROEPSS 1.2%

← anteriorpágina 1 / 4siguiente →