Vulnerabilities > Use of Incorrectly-Resolved Name or Reference

DATE CVE VULNERABILITY TITLE RISK
2023-02-03 CVE-2021-37315 Use of Incorrectly-Resolved Name or Reference vulnerability in Asus Rt-Ac68U Firmware
Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.
network
low complexity
asus CWE-706
critical
9.1
2022-11-21 CVE-2022-30257 Use of Incorrectly-Resolved Name or Reference vulnerability in Technitium DNS Server
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution.
network
low complexity
technitium CWE-706
critical
9.8
2022-11-21 CVE-2022-30258 Use of Incorrectly-Resolved Name or Reference vulnerability in Technitium DNS Server
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution.
network
low complexity
technitium CWE-706
critical
9.8
2022-11-10 CVE-2022-41874 Use of Incorrectly-Resolved Name or Reference vulnerability in Tauri
Tauri is a framework for building binaries for all major desktop platforms.
network
low complexity
tauri CWE-706
4.7
2022-07-18 CVE-2022-30621 Use of Incorrectly-Resolved Name or Reference vulnerability in Cellinx NVT - IP PTZ Camera Firmware 3.2.0/3.2.1
Allows a remote user to read files on the camera's OS "GetFileContent.cgi".
network
low complexity
cellinx CWE-706
6.5
2022-06-02 CVE-2022-27778 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
network
low complexity
haxx netapp oracle splunk CWE-706
8.1
2022-05-20 CVE-2022-29448 Use of Incorrectly-Resolved Name or Reference vulnerability in Wow-Estore Herd Effects
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
network
low complexity
wow-estore CWE-706
4.9
2022-05-18 CVE-2022-29445 Use of Incorrectly-Resolved Name or Reference vulnerability in Wow-Estore Popup BOX
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress.
network
low complexity
wow-estore CWE-706
7.2
2022-03-04 CVE-2022-0855 Use of Incorrectly-Resolved Name or Reference vulnerability in Microweber Whmcs 0.0.1/0.0.2/0.0.3
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4.
network
low complexity
microweber CWE-706
6.1
2021-12-13 CVE-2021-40856 Use of Incorrectly-Resolved Name or Reference vulnerability in Auerswald products
Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring.
network
low complexity
auerswald CWE-706
7.5