Security Vulnerabilities - CVEs Published In January 2019
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system function with an untrusted input parameter named Address. Consequently, an attacker can execute any command remotely when they control this input.
CVSS Score
9.8
EPSS Score
0.213
Published
2019-01-31
The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-01-31
A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device.
CVSS Score
10.0
EPSS Score
0.005
Published
2019-01-31
typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.
CVSS Score
6.1
EPSS Score
0.009
Published
2019-01-31
typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.
CVSS Score
6.1
EPSS Score
0.009
Published
2019-01-31
In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-01-31
NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version: N/A.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-01-31
The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-01-31
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.
CVSS Score
5.8
EPSS Score
0.019
Published
2019-01-31
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI.
CVSS Score
8.6
EPSS Score
0.714
Published
2019-01-31
Page 1