Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-48419
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges.
CVSS Score
8.8
EPSS Score
0.037
Published
2025-01-27
CVE-2024-48420
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-01-27
CVE-2024-54145
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.
CVSS Score
6.3
EPSS Score
0.002
Published
2025-01-27
CVE-2024-54146
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.
CVSS Score
7.6
EPSS Score
0.004
Published
2025-01-27
CVE-2024-55227
A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
CVSS Score
9.0
EPSS Score
0.001
Published
2025-01-27
CVE-2024-55228
A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title parameter.
CVSS Score
9.0
EPSS Score
0.001
Published
2025-01-27
CVE-2024-27256
IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-01-27
CVE-2024-48416
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-01-27
CVE-2024-48417
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilterClientFilter.
CVSS Score
5.2
EPSS Score
0.0
Published
2025-01-27
CVE-2024-48418
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-01-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved