Security Vulnerabilities - CVEs Published In August 2024
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-08-15
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-08-15
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-08-15
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromNatlimit function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-08-15
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices
CVSS Score
6.8
EPSS Score
0.001
Published
2024-08-15
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port.
CVSS Score
4.6
EPSS Score
0.0
Published
2024-08-15
Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-08-15
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-08-15
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.
CVSS Score
4.9
EPSS Score
0.002
Published
2024-08-15
IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-08-15