High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| CIRCUTOR–CIRCUTOR Q-SMT |
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device. | 2024-09-18 | 10 | CVE-2024-8887 cve-coordination@incibe.es |
| CIRCUTOR–CIRCUTOR Q-SMT |
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. Token theft can originate from different methods such as network captures, locally stored web information, etc. | 2024-09-18 | 10 | CVE-2024-8888 cve-coordination@incibe.es |
| dragonflyoss–Dragonfly2 |
Dragonfly is an open sou […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins
Read the original article: Post navigation |