Vulnerabilities > Hgiga > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-37912 | Unspecified vulnerability in Hgiga Oaklouds Portal 2.0/3.0 The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. | 9.8 |
| 2021-03-18 | CVE-2021-22848 | SQL Injection vulnerability in Hgiga products HGiga MailSherlock contains a SQL Injection. | 9.8 |
| 2021-01-19 | CVE-2021-22851 | SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0 HGiga EIP product contains SQL Injection vulnerability. | 9.8 |
| 2021-01-19 | CVE-2021-22850 | Missing Authentication for Critical Function vulnerability in Hgiga Oaklouds Portal HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. | 9.8 |
| 2020-12-31 | CVE-2020-35851 | OS Command Injection vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User HGiga MailSherlock does not validate specific parameters properly. | 9.8 |
| 2020-12-31 | CVE-2020-25848 | Improper Authentication vulnerability in Hgiga products HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism. | 9.8 |
| 2020-04-15 | CVE-2020-10511 | OS Command Injection vulnerability in Hgiga Oaklouds Ccm@Il HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. | 9.8 |