|
141
|
9.8 |
CRITICAL
Network
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access…
Update
|
CWE-648
Incorrect Use of Privileged APIs
|
CVE-2024-11068
|
2024-11-16 03:24 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
142
|
7.5 |
HIGH
Network
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's …
Update
|
CWE-23
Relative Path Traversal
|
CVE-2024-11067
|
2024-11-16 03:23 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
143
|
7.2 |
HIGH
Network
|
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web p…
Update
|
CWE-78
OS Command
|
CVE-2024-11066
|
2024-11-16 03:22 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
144
|
7.2 |
HIGH
Network
|
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functio…
Update
|
CWE-78
OS Command
|
CVE-2024-11065
|
2024-11-16 03:22 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
145
|
7.2 |
HIGH
Network
|
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functio…
Update
|
CWE-78
OS Command
|
CVE-2024-11064
|
2024-11-16 03:22 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
146
|
7.2 |
HIGH
Network
|
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functio…
Update
|
CWE-78
OS Command
|
CVE-2024-11063
|
2024-11-16 03:21 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
147
|
7.2 |
HIGH
Network
|
dlink
|
dsl6740c_firmware
|
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functio…
Update
|
CWE-78
OS Command
|
CVE-2024-11062
|
2024-11-16 03:21 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
148
|
- |
|
-
|
-
|
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to loca…
New
|
CWE-59
CWE-281
CWE-61
Link Following
Improper Preservation of Permissions
UNIX Symbolic Link (Symlink) Following
|
CVE-2024-52522
|
2024-11-16 03:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
149
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. After a user received a share with some files inside being blocked by the files access control, the user would still be able to copy the inter…
New
|
CWE-284
Improper Access Control
|
CVE-2024-52514
|
2024-11-16 03:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
150
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password protected" share link a malicious user was able to download attachments that are referenced in Tex…
New
|
CWE-200
Information Exposure
|
CVE-2024-52513
|
2024-11-16 03:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
