Vulnerabilities > Nascent

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-38611 Command Injection vulnerability in Nascent Remkon Device Manager 4.0.0.0
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
network
low complexity
nascent CWE-77
critical
10.0
2021-08-24 CVE-2021-38612 Path Traversal vulnerability in Nascent Remkon Device Manager 4.0.0.0
In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL.
network
low complexity
nascent CWE-22
5.0
2021-08-24 CVE-2021-38613 Unrestricted Upload of File with Dangerous Type vulnerability in Nascent Remkon Device Manager 4.0.0.0
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.
network
low complexity
nascent CWE-434
critical
10.0