Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2022-36494
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function edditactionlist.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
CVE-2022-36495
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
CVE-2022-36496
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMobileAPInfoById.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
CVE-2022-36497
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
CVE-2022-36498
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-25
CVE-2021-25642
ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-08-25
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-25
CVE-2022-36458
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-25
CVE-2022-36459
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-25
CVE-2022-36460
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved