ymkyu/CVE

Releases0

Stars16

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33788 ↗	May 6, 2024Monday, 6 May 2024, 13:15	8 HIGH	—
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.
CVE-2024-33791 ↗	May 3, 2024Friday, 3 May 2024, 17:15	4.6 MEDIUM	—
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function.
CVE-2024-33792 ↗	May 3, 2024Friday, 3 May 2024, 17:15	9.8 CRITICAL	—
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page.
CVE-2024-33793 ↗	May 3, 2024Friday, 3 May 2024, 17:15	5.3 MEDIUM	—
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page.
CVE-2024-33789 ↗	May 3, 2024Friday, 3 May 2024, 17:15	9.8 CRITICAL	—
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint.