CVE-2024-23814
- EPSS 0.24%
- Veröffentlicht 11.02.2025 11:15:12
- Zuletzt bearbeitet 08.04.2025 09:15:17
The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote atta...
CVE-2024-46886
- EPSS 0.07%
- Veröffentlicht 08.10.2024 09:15:16
- Zuletzt bearbeitet 10.10.2024 12:56:30
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate ...
CVE-2024-46887
- EPSS 0.12%
- Veröffentlicht 08.10.2024 09:15:16
- Zuletzt bearbeitet 08.04.2025 21:15:46
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle t...