Security Vulnerabilities - CVEs Published In August 2023
Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2023-08-15
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2023-08-15
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2023-08-15
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating system boot process.
CVSS Score: 7.1 | EPSS Score: 0.001 | Published: 2023-08-15
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via the username parameter of the set_sys_adm function in adm.cgi.
CVSS Score: 9.8 | EPSS Score: 0.015 | Published: 2023-08-15
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of the sub_431F64 function in bin/webmgnt.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2023-08-15
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2023-08-15
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in the function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into the timestr parameter.
CVSS Score: 9.8 | EPSS Score: 0.011 | Published: 2023-08-15
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2023-08-15
Broadcom RAID Controller web interface is vulnerable due to insecure defaults: it lacks HTTP Content-Security-Policy headers
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2023-08-15

