Shodan
Vulnerabilities
Vulnerable Software
Escanav:  Security Vulnerabilities
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1.
CVSS Score
7.2
EPSS Score
0.018
Published
2023-05-17
CVE-2023-31703
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
CVSS Score
9.0
EPSS Score
0.013
Published
2023-05-17
CVE-2021-26624
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.
CVSS Score
7.8
EPSS Score
0.019
Published
2022-04-01
CVE-2018-18388
eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-12-20
CVE-2018-10098
In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
CVSS Score
5.5
EPSS Score
0.0
Published
2018-07-13
CVE-2018-6201
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020E0 or 0x830020E4.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-01-25
CVE-2018-6202
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F8.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-25
CVE-2018-6203
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300210C.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-01-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved