Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-25 | CVE-2024-41468 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand | 9.8 |
| 2024-07-25 | CVE-2024-41473 | OS Command Injection vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac | 9.8 |
| 2024-07-25 | CVE-2024-38287 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Rhubcom Turbomeeting The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value. | 9.8 |
| 2024-07-25 | CVE-2024-38289 | SQL Injection vulnerability in Rhubcom Turbomeeting A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input. | 9.8 |
| 2024-07-25 | CVE-2024-7007 | Missing Authentication for Critical Function vulnerability in Positron Tra7005 Firmware 1.20 Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application. | 9.8 |
| 2024-07-24 | CVE-2024-41459 | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | 9.8 |
| 2024-07-24 | CVE-2024-41460 | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | 9.8 |
| 2024-07-24 | CVE-2024-41461 | Out-of-bounds Write vulnerability in Tendacn Fh1201 Firmware 1.2.0.14 Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. | 9.8 |
| 2024-07-24 | CVE-2024-7081 | Unspecified vulnerability in Tailoring Management System Project Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
| 2024-07-24 | CVE-2024-41551 | SQL Injection vulnerability in Campcodes Supplier Management System 1.0 CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_order_items.php?id= . | 9.8 |