CVE-2021-27702

CVE-2021-27702

Título es
CVE-2021-27702

Mar, 12/11/2024 – 23:15

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2021-27702

Descripción en
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard.

13/11/2024
13/11/2024
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27702

    • Enviar en el boletín
    Off

    CVE-2021-27701

    CVE-2021-27701

    Título es
    CVE-2021-27701

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2021-27701

    Descripción en
    SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27701

    • Enviar en el boletín
    Off

    CVE-2021-27700

    CVE-2021-27700

    Título es
    CVE-2021-27700

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2021-27700

    Descripción en
    SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized customer with partner mode can switch to another customer dashboard and perform actions like modify user, delete user, etc.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2021-27700

    • Enviar en el boletín
    Off

    CVE-2024-28731

    CVE-2024-28731

    Título es
    CVE-2024-28731

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-28731

    Descripción en
    Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the Port forwarding option.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve/

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2024-28731%2C%20%20Cross%20Site%20Request%20Forgery%20vulnerability%20in%20DLink%20DWR%202000M%205G%20CPE

    • Enviar en el boletín
    Off

    CVE-2024-28730

    CVE-2024-28730

    Título es
    CVE-2024-28730

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-28730

    Descripción en
    Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via the file upload feature of the VPN configuration module.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2024-28730-ReflectedXSS

    • Enviar en el boletín
    Off

    CVE-2024-28729

    CVE-2024-28729

    Título es
    CVE-2024-28729

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-28729

    Descripción en
    An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted request.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2024-28729

    • Enviar en el boletín
    Off

    CVE-2024-28728

    CVE-2024-28728

    Título es
    CVE-2024-28728

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-28728

    Descripción en
    Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to obtain sensitive information via a crafted payload to the WiFi SSID Name field.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2024-28728

    • Enviar en el boletín
    Off

    CVE-2024-28726

    CVE-2024-28726

    Título es
    CVE-2024-28726

    Mar, 12/11/2024 – 23:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-28726

    Descripción en
    An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function.

    13/11/2024
    13/11/2024
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/Mrnmap/mrnmap-cve

  • https://github.com/Mrnmap/mrnmap-cve/blob/main/CVE-2024-28726

    • Enviar en el boletín
    Off

    CVE-2024-49508

    CVE-2024-49508

    Título es
    CVE-2024-49508

    Mar, 12/11/2024 – 21:15

    Tipo
    CWE-122

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-49508

    Descripción en
    InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    12/11/2024
    12/11/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    7.80

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    HIGH

    Referencias

  • https://helpx.adobe.com/security/products/indesign/apsb24-88.html

    • Enviar en el boletín
    Off

    CVE-2024-49512

    CVE-2024-49512

    Título es
    CVE-2024-49512

    Mar, 12/11/2024 – 21:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-49512

    Descripción en
    InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    12/11/2024
    12/11/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/indesign/apsb24-88.html

    • Enviar en el boletín
    Off