Security Vulnerabilities - CVEs Published In September 2022
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. An unauthenticated remote attacker could perform a bruteforce attack on the login page with no time or attempt limitation in an attempt to obtain valid credentials for the platform users configured to use the PlexTrac authentication provider.
CVSS Score
7.5
EPSS Score
0.009
Published
2022-09-08
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider take significantly longer than those for invalid users, allowing for valid users to be enumerated by an unauthenticated remote attacker. Note that the lockout policy implemented in Plextrac version 1.17.0 makes it impossible to distinguish between valid, locked user accounts and user accounts that do not exist, but does not prevent valid, unlocked users from being enumerated.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-08
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-09-08
In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-09-08
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.
CVSS Score
7.2
EPSS Score
0.03
Published
2022-09-08
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function.
CVSS Score
7.2
EPSS Score
0.03
Published
2022-09-08
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function.
CVSS Score
7.2
EPSS Score
0.03
Published
2022-09-08
FPT G-97RG6M R4.2.98.035 and G-97RG3 R4.2.43.078 are vulnerable to Remote Command Execution in the ping function.
CVSS Score
8.8
EPSS Score
0.034
Published
2022-09-08
Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'.
CVSS Score
9.8
EPSS Score
0.02
Published
2022-09-08
linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than `3 * size_of::<usize>` because of metadata write operations. This vulnerability impacts all the initialization functions on the `Heap` and `LockedHeap` types, including `Heap::new`, `Heap::init`, `Heap::init_from_slice`, and `LockedHeap::new`. It also affects multiple uses of the `Heap::extend` method. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than `3 * size_of::<usize>` and that the `Heap::extend` method is only called with sizes larger than `2 * size_of::<usize>()`. Also, ensure that the total heap size is (and stays) a multiple of `2 * size_of::<usize>()`.
CVSS Score
8.4
EPSS Score
0.003
Published
2022-09-07