Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2023
CVE-2023-40535
Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-09-05
CVE-2023-40705
Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-09-05
CVE-2023-38574
Open redirect vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-09-05
CVE-2023-39448
Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.047
Published
2023-09-05
CVE-2023-4540
Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. Such a request causes the program to enter an infinite loop. This issue affects lua-http: all versions before commit ddab283.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-09-05
CVE-2023-28567
Memory corruption in WLAN HAL while handling command through WMI interfaces.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-09-05
CVE-2023-28573
Memory corruption in WLAN HAL while parsing WMI command parameters.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-05
CVE-2023-28581
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-05
CVE-2023-28584
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved