Security Vulnerabilities - CVEs Published In September 2023
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function sub_2EF50. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter.
CVSS Score: 9.8
EPSS Score: 0.015
Published: 2023-09-20
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function web_cert_download_handler. This vulnerability allows attackers to execute arbitrary commands via the certDownload parameter.
CVSS Score: 9.8
EPSS Score: 0.016
Published: 2023-09-20
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands via the configRestore parameter.
CVSS Score: 9.8
EPSS Score: 0.015
Published: 2023-09-20
An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.
CVSS Score: 7.8
EPSS Score: 0.001
Published: 2023-09-20
D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2023-09-20
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2023-09-20
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2023-09-20
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.
CVSS Score: 9.8
EPSS Score: 0.007
Published: 2023-09-20
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
CVSS Score: 9.8
EPSS Score: 0.095
Published: 2023-09-20
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
CVSS Score: 6.4
EPSS Score: 0.002
Published: 2023-09-20

