Vulnerabilities > Freshtomato

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-3991 OS Command Injection vulnerability in Freshtomato 2023.3
An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of FreshTomato 2023.3.
network
low complexity
freshtomato CWE-78
critical
9.8
2023-01-30 CVE-2022-38451 Path Traversal vulnerability in multiple products
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-22
7.5
2023-01-30 CVE-2022-42484 OS Command Injection vulnerability in multiple products
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-78
critical
9.8
2022-08-05 CVE-2022-28664 Out-of-bounds Write vulnerability in Freshtomato 2022.1
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.
network
low complexity
freshtomato CWE-787
critical
9.8
2022-08-05 CVE-2022-28665 Unspecified vulnerability in Freshtomato 2022.1
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.
network
low complexity
freshtomato
critical
9.8