Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2022
CVE-2022-29694
Unicorn Engine v2.0.0-rc7 and below was discovered to contain a NULL pointer dereference via qemu_ram_free.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-06-02
CVE-2022-29695
Unicorn Engine v2.0.0-rc7 contains memory leaks caused by an incomplete unicorn engine initialization.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-06-02
CVE-2022-29711
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-06-02
CVE-2022-29712
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.
CVSS Score
9.8
EPSS Score
0.0
Published
2022-06-02
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-06-02
CVE-2022-29729
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page.
CVSS Score
7.5
EPSS Score
0.009
Published
2022-06-02
CVE-2022-29730
USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded credentials for its highest privileged account. The credentials cannot be altered through normal operation of the device.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-06-02
CVE-2022-29731
An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-06-02
CVE-2022-29732
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to contain a cross-site scripting (XSS) vulnerability via the Username parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
6.1
EPSS Score
0.005
Published
2022-06-02
CVE-2022-29733
Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and store sensitive information in cleartext. This vulnerability allows attackers to intercept HTTP Cookie authentication credentials via a man-in-the-middle attack.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved