Vulnerabilities > Freshtomato > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-3991 OS Command Injection vulnerability in Freshtomato 2023.3
An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of FreshTomato 2023.3.
network
low complexity
freshtomato CWE-78
critical
 9.8
9.8
2023-01-30 CVE-2022-42484 OS Command Injection vulnerability in multiple products
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-78
critical
 9.8
9.8
2022-08-05 CVE-2022-28664 Out-of-bounds Write vulnerability in Freshtomato 2022.1
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.
network
low complexity
freshtomato CWE-787
critical
 9.8
9.8
2022-08-05 CVE-2022-28665 Unspecified vulnerability in Freshtomato 2022.1
A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1.
network
low complexity
freshtomato
critical
 9.8
9.8