In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between September 30-01, 2024.
During this period, the National Vulnerability Database published 67 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 3
High: 23
Medium: 20
Low: 1
Severity Not Assigned: 20
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-8448
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privilege to log in with this credential and obtain a Linux root shell.
References: https://www.twcert.org.tw/en/cp-139-8046-057c2-2.html
https://www.twcert.org.tw/tw/cp-132-8045-a2804-1.html
CWE-ID: CWE-798
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-8450
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: Certain switch models from PLANET Technology have a hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges.
References: https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html
https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html
CWE-ID: CWE-798
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-8451
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorized remote attackers to exploit this weakness to occupy connection slots and prevent legitimate users from accessing the SSH service.
References: https://www.twcert.org.tw/en/cp-139-8052-ac0ea-2.html
https://www.twcert.org.tw/tw/cp-132-8051-5048e-1.html
CWE-ID: CWE-280 CWE-400
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-8452
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Certain switch models from PLANET Technology only support obsolete algorithms for the authentication protocol and encryption protocol in the SNMPv3 service, potentially allowing attackers to obtain plaintext SNMPv3 credentials.
References: https://www.twcert.org.tw/en/cp-139-8054-231ad-2.html
https://www.twcert.org.tw/tw/cp-132-8053-274bd-1.html
CWE-ID: CWE-327 CWE-328
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-6394
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the `serve_js` function in `app.py`, which allows attackers to perform path traversal attacks. This can lead to unauthorized access to arbitrary files on the server, potentially exposing sensitive information such as private SSH keys, configuration files, and source code.
References: https://huntr.com/bounties/6df4f990-b632-4791-b3ea-f40c9ea905bf
CWE-ID: CWE-29
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-8455
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.9
Description: The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords.
References: https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html
https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html
CWE-ID: CWE-261
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-8456
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.
References: https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html
https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-8458
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts.
References: https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html
https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-8459
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.
References: https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html
https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html
CWE-ID: CWE-312
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-46280
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them.
References: https://0xmupa.github.io/pixlink-weak-telnet
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-46293
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all.
References: https://github.com/bunyamindemir/vulnerability-disclosures/blob/main/omos-authorization-bypass.md
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-46313
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm.
References: https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TP-LINK/WR-941ND/popupSiteSurveyRpm.md
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-46510
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: ESAFENET CDG v5 was discovered to contain a SQL injection vulnerability via the id parameter in the NavigationAjax interface.
References: https://flowus.cn/share/c7784cff-2840-4761-8d1b-621016b6b1b9?code=G8A6P3
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-46549
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.5
Description: An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users.
References: https://github.com/Chapoly1305/tp-link-cve/blob/main/CVE-2024-46549.md
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-9158
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 1.7
Impact Score: 6.0
Description: A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local attacker could inject arbitrary code into the NNM UI via the local CLI.
References: https://www.tenable.com/security/tns-2024-17
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-28809
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials.
References: https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28809
CWE-ID: CWE-312 CWE-798
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-42017
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint hosting the application, without any authentication.
References: https://eviden.com
https://support.bull.com/ols/product/security/psirt/security-bulletins/multiple-critical-vulnerabilities-in-icare-psirt-625-tlp-clear-version-0-7-cve-2024-42017/view
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-46511
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 0.8
Impact Score: 6.0
Description: LoadZilla LLC LoadLogic v1.4.3 was discovered to contain an insecure permissions vulnerability which allows a remote attacker to execute arbitrary code via the LogicLoadEc2DeployLambda and CredsGenFunction functions.
References: https://github.com/zolaer9527/serverless-app/security/advisories/GHSA-3ggq-wrf4-c88v
CWE-ID: CWE-266
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-28812
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local management network interface) with hardcoded credentials allows attackers to access the appliance operating system (with highest privileges) via an SSH connection.
References: https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28812
CWE-ID: CWE-798
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-28813
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 1.7
Impact Score: 6.0
Description: An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface.
References: https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28813
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-7670
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-7671
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-7672
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-7673
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-7674
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-7675
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References: https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found