Vulnerabilities > Milesight > Devicehub > 3.0.1.r1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-02 | CVE-2024-36388 | Unspecified vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function | 9.8 |
| 2024-06-02 | CVE-2024-36389 | Use of Insufficiently Random Values vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass | 9.8 |
| 2024-06-02 | CVE-2024-36390 | Unspecified vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service | 7.5 |
| 2024-06-02 | CVE-2024-36391 | Unspecified vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic | 7.4 |
| 2024-06-02 | CVE-2024-36392 | Cross-site Scripting vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 6.1 |
| 2024-06-02 | CVE-2024-27776 | Path Traversal vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE | 9.8 |