Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-40111
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-09-06
CVE-2022-40112
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-09-06
CVE-2021-43076
An improper privilege management vulnerability [CWE-269] in FortiADC versions 6.2.1 and below, 6.1.5 and below, 6.0.4 and below, 5.4.5 and below and 5.3.7 and below may allow a remote authenticated attacker with restricted user profile to modify the system files using the shell access.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-09-06
CVE-2021-43080
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors.
CVSS Score
4.6
EPSS Score
0.004
Published
2022-09-06
CVE-2022-26114
An improper neutralization of input during web page generation vulnerability [CWE-79] in the Webmail of FortiMail before 7.2.0 may allow an unauthenticated attacker to trigger a cross-site scripting (XSS) attack via sending specially crafted mail messages.
CVSS Score
5.4
EPSS Score
0.008
Published
2022-09-06
CVE-2022-2714
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.
CVSS Score
8.1
EPSS Score
0.004
Published
2022-09-06
CVE-2022-2901
Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8.
CVSS Score
7.6
EPSS Score
0.001
Published
2022-09-06
CVE-2022-34882
Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to gain sensitive information. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior to 02.05.01 on Windows and Docker.
CVSS Score
9.0
EPSS Score
0.003
Published
2022-09-06
CVE-2022-34883
OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior to 02.05.01 on Windows and Docker.
CVSS Score
7.2
EPSS Score
0.012
Published
2022-09-06
CVE-2022-34747
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.
CVSS Score
9.8
EPSS Score
0.028
Published
2022-09-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved