Test Blog - Cloud WAF

CVE-2024-45824 : ROCKWELL AUTOMATION FACTORYTALK VIEW SITE EDITION UP TO 14.0 COMMAND INJECTION

Description CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The vulnerability occurs when chained with Path Traversal, Command Injection, and XSS Vulnerabilities…

Common Vulnerabilities and Exposures

CVE-2024-6658 : PROGRESS LOADMASTER UP TO 7.2.60.0 OS COMMAND INJECTION

Description Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to…

Common Vulnerabilities and Exposures

CVE-2024-45849 : MINDSDB UP TO 24.7.4.0 MICROSOFT SHAREPOINT INTEGRATION NEUTRALIZATION OF DIRECTIVES

Description An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on…

Common Vulnerabilities and Exposures

CVE-2024-20381 : CISCO IOS XR JSON-RPC API IMPROPER AUTHORIZATION

Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO),…

Common Vulnerabilities and Exposures

CVE-2024-44466 : COMFAST CF-XR11 2.7.2 HTTP POST REQUEST /USR/BIN/WEBMGNT SUB_424CB4 IFACE COMMAND INJECTION

Description COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter…

Common Vulnerabilities and Exposures

CVE-2024-45013 : LINUX KERNEL UP TO 6.10.6 NVME_UNINIT_CTRL USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd ("nvme: start keep-alive after admin queue…