Security Vulnerabilities - CVEs Published In August 2023
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into the interface and display_name parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2023-08-15
Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
CVSS Score
4.6
EPSS Score
0.0
Published
2023-08-15
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
CVSS Score
2.4
EPSS Score
0.0
Published
2023-08-15
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
CVSS Score
2.4
EPSS Score
0.0
Published
2023-08-15
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data, and the keys used for encryption are accessible to any local user on Linux.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data, and the keys used for encryption are accessible to any local user on Windows.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable due to an insecure default HTTP configuration that does not safeguard the SESSIONID cookie with the SameSite attribute.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-08-15
Broadcom RAID Controller web interface has an insecure default TLS configuration that supports obsolete and vulnerable TLS protocols.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15
Broadcom RAID Controller web interface is vulnerable due to improper permissions on the log file.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-15

