Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2017
CVE-2017-2172
Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-07
CVE-2017-2183
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings.
CVSS Score
8.0
EPSS Score
0.005
Published
2017-07-07
CVE-2017-2184
Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI.
CVSS Score
8.8
EPSS Score
0.008
Published
2017-07-07
CVE-2017-2185
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI.
CVSS Score
8.8
EPSS Score
0.009
Published
2017-07-07
CVE-2017-2186
HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-07-07
CVE-2017-2188
Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-07
CVE-2017-2194
Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-07
CVE-2017-2208
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-07-07
CVE-2017-2215
Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-07-07
CVE-2017-2216
Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.005
Published
2017-07-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved