Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2023
CVE-2023-49408
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-49409
Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-49411
Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-6333
The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-12-07
CVE-2023-33411
A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information.
CVSS Score
7.5
EPSS Score
0.013
Published
2023-12-07
CVE-2023-33412
The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targeting vulnerable cgi endpoints.
CVSS Score
8.8
EPSS Score
0.014
Published
2023-12-07
CVE-2023-33413
The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands.
CVSS Score
8.8
EPSS Score
0.019
Published
2023-12-07
CVE-2023-39909
Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-07
CVE-2023-40300
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.
CVSS Score
9.8
EPSS Score
0.006
Published
2023-12-07
CVE-2023-40301
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.
CVSS Score
9.8
EPSS Score
0.011
Published
2023-12-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved