Vulnerabilities > 42Gears

DATE CVE VULNERABILITY TITLE RISK
2023-07-25 CVE-2023-3897 Information Exposure Through Discrepancy vulnerability in 42Gears Suremdm 6.31
Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version 
network
low complexity
42gears CWE-203
5.3
2023-04-27 CVE-2023-2335 Insufficiently Protected Credentials vulnerability in 42Gears Surelock
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows (Registery modules) allows Retrieve Admin user credentials This issue affects surelock windows: from 2.3.12 through 2.40.0.
network
low complexity
42gears CWE-522
7.5
2023-04-27 CVE-2023-2331 Unquoted Search Path or Element vulnerability in 42Gears Surelock
Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service. This issue affects Surelock Windows : from 2.3.12 through 2.40.0.
local
low complexity
42gears CWE-428
7.8
2019-02-05 CVE-2018-15659 Information Exposure vulnerability in 42Gears Suremdm 6.31/6.34
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications.
network
low complexity
42gears CWE-200
6.5
2019-02-05 CVE-2018-15658 Information Exposure vulnerability in 42Gears Suremdm 6.31/6.34/6.35
An issue was discovered in 42Gears SureMDM before 2018-11-27.
network
low complexity
42gears CWE-200
7.5
2019-02-05 CVE-2018-15657 Server-Side Request Forgery (SSRF) vulnerability in 42Gears Suremdm 6.31/6.34/6.35
An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.
local
low complexity
42gears CWE-918
7.3
2019-02-05 CVE-2018-15656 Information Exposure vulnerability in 42Gears Suremdm 6.31/6.34/6.35
An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27.
network
low complexity
42gears CWE-200
7.5
2019-02-05 CVE-2018-15655 Information Exposure vulnerability in 42Gears Suremdm 6.31/6.34
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings.
network
low complexity
42gears CWE-200
6.5