Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-57764
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57765
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57766
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57767
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.
CVSS Score
8.6
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57757
JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57760
JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57762
MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-15
CVE-2024-57483
Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-01-14
CVE-2024-57473
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-01-14
CVE-2024-57471
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-01-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved