Falhas do tipo CWE-489
79 resultadosCVE-2023-32645CRITICALA leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted neEPSS 53.5%CVE-2017-5259—In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available uEPSS 39.2%CVE-2022-20649HIGHCisco Redundancy Configuration Manager Debug Remote Code Execution VulnerabilityEPSS 11.6%CVE-2022-38715HIGHA leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-cEPSS 3.7%CVE-2018-5454—Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could alloEPSS 3.5%CVE-2021-3972MEDIUMA potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly nEPSS 3.0%CVE-2024-9643CRITICALFour-Faith F3x36 Hidden Debug CredentialsEPSS 3.0%CVE-2022-29520HIGHAn OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode Systems, Inc. iota All-In-One Security KitEPSS 2.8%CVE-2020-5763—Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtEPSS 2.7%CVE-2022-25995CRITICALA command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted netwEPSS 2.5%CVE-2022-32585CRITICALA command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can leEPSS 2.5%CVE-2020-5756—Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via undocumented APIEPSS 2.5%CVE-2020-8477HIGHABB System 800xA Information Manager Remote Code ExecutionEPSS 1.7%CVE-2021-33591—An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HEPSS 1.6%CVE-2024-21785CRITICALA leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A speciallEPSS 1.5%CVE-2022-29888MEDIUMA leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks InRouter302 V3.5.45. A specialEPSS 1.5%CVE-2023-34346CRITICALA stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafteEPSS 1.3%CVE-2021-3971MEDIUMA potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenlyEPSS 1.3%CVE-2021-40419CRITICALA firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted series of networEPSS 1.2%CVE-2023-22357CRITICALActive debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being execuEPSS 1.2%