n0obit4/Vulnerability_Disclosure

Releases0

All the vulnerabilities that I have discovered and have a CVE assigned (Adhering to the corresponding Vulnerability Disclosure Policies).

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-49340 ↗	Mar 9, 2024Saturday, 9 March 2024, 05:15	9.8 CRITICAL	—
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal.
CVE-2023-49341 ↗	Mar 9, 2024Saturday, 9 March 2024, 05:15	7.5 HIGH	—
An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to obtain sensitive information via cleartext credential storage in backup.htm component.
CVE-2023-50015 ↗	Mar 9, 2024Saturday, 9 March 2024, 05:15	8.8 HIGH	—
An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token.