Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-57017
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg.
CVSS Score
8.8
EPSS Score
0.043
Published
2025-01-15
CVE-2024-57018
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.
CVSS Score
8.8
EPSS Score
0.043
Published
2025-01-15
CVE-2024-57019
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.
CVSS Score
8.8
EPSS Score
0.043
Published
2025-01-15
CVE-2024-57020
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.
CVSS Score
8.8
EPSS Score
0.043
Published
2025-01-15
CVE-2024-57021
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.
CVSS Score
8.8
EPSS Score
0.043
Published
2025-01-15
CVE-2020-8094
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-01-15
CVE-2025-22968
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions
CVSS Score
9.8
EPSS Score
0.39
Published
2025-01-15
CVE-2025-22786
Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.6.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-15
CVE-2025-22787
Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-01-15
CVE-2025-22759
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.4.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-01-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved