Test Blog - Cloud WAF

CVE-2024-31202 : PLUG&TRACK THERMOSCAN IP 20211103 PERMISSION ASSIGNMENT

Description A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation. References…

Common Vulnerabilities and Exposures

CVE-2024-7332 : TOTOLINK CP450 4.1.0CU.747_B20191224 TELNET SERVICE PRODUCT.INI HARD-CODED PASSWORD

Description A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of…

Common Vulnerabilities and Exposures

CVE-2024-7327 : XINHU ROCKOA 2.6.2 OPENMODHETONGACTION.PHP DATAACTION NICKNAME SQL INJECTION

Description A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of…

Common Vulnerabilities and Exposures

CVE-2024-7326 : IOBIT DUALSAFE PASSWORD MANAGER 1.4.0.3 BPL RTL120.BPL UNCONTROLLED SEARCH PATH

Description A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of…

Common Vulnerabilities and Exposures

CVE-2024-37142 : DELL PERIPHERAL MANAGER UP TO 1.7.5 SYMBOLIC LINKS UNCONTROLLED SEARCH PATH

Description Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious…

Common Vulnerabilities and Exposures

CVE-2024-7208 : HostGator Hosted Services authentication spoofing – HOSTGATOR HOSTED SERVICES AUTHENTICATION SPOOFING

Description Hosted services do not verify the sender of an email against authenticated users, allowing an attacker to spoof the identify of another user's email…