Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2023
CVE-2023-43138
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point.
CVSS Score
8.8
EPSS Score
0.012
Published
2023-09-20
CVE-2022-3596
An information leak was found in OpenStack's undercloud. This flaw allows unauthenticated, remote attackers to inspect sensitive data after discovering the IP address of the undercloud, possibly leading to compromising private information, including administrator access credentials.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-09-20
CVE-2023-37410
IBM Personal Communications 14.05, 14.06, and 15.0.0 could allow a local user to escalate their privileges to the SYSTEM user due to overly permissive access controls. IBM X-Force ID: 260138.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-09-20
CVE-2023-38718
IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606.
CVSS Score
3.7
EPSS Score
0.001
Published
2023-09-20
CVE-2023-39045
An information leak in kokoroe_members card Line 13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-09-20
CVE-2023-39052
An information leak in Earthgarden_waiting 13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-09-20
CVE-2023-40930
An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/.
CVSS Score
6.8
EPSS Score
0.094
Published
2023-09-20
CVE-2023-41484
An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain sensitive information via a crafted JPEG file.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-09-20
CVE-2023-42147
An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the login key component.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-09-20
CVE-2023-42331
A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
CVSS Score
8.8
EPSS Score
0.011
Published
2023-09-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved