CVE-2024-5560
- EPSS 0.16%
- Published 12.06.2024 17:15:52
- Last modified 21.11.2024 09:47:55
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.
CVE-2024-37038
- EPSS 0.29%
- Published 12.06.2024 17:15:51
- Last modified 21.11.2024 09:23:05
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
CVE-2024-37039
- EPSS 0.54%
- Published 12.06.2024 17:15:51
- Last modified 21.11.2024 09:23:06
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.
CVE-2024-37040
- EPSS 0.21%
- Published 12.06.2024 17:15:51
- Last modified 21.11.2024 09:23:06
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request.
CVE-2024-37036
- EPSS 0.08%
- Published 12.06.2024 17:15:50
- Last modified 21.11.2024 09:23:05
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.
CVE-2024-37037
- EPSS 1.18%
- Published 12.06.2024 17:15:50
- Last modified 21.11.2024 09:23:05
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to corrupt files and impact device functionality when sending...