CVE-2022-41594 The phones have the fingerprint vulnerability. Successful exploitation may affect the fingerprint service.
A local attacker may access and control the smart phone or read personal data from it.
Vulnerabilities Scoring System
The Vulnerabilities Scoring System (VSS) is
CVE-2022-42070 The BCSMS v1.0 is vulnerable to CSRF.
CSRF is a type of attack where an attacker tricks an authenticated user's browser into sending requests that make a website execute unwanted actions on the user's behalf. This can be
CVE-2022-41535 The Open Source SACCO Management System v1.0 has a SQL injection vulnerability via the id parameter.
The code of this vulnerable management endpoint is as follows.
/sacco_shield/manage_borrower.php?id=1
The id parameter is used to assign an
CVE-2022-42161 The COVR 1200, 1202, 1203 v1.08 were found to have a command injection vulnerability in the SetTriggerWPS/PIN parameter.
The command injection can be exploited by issuing a request to set a custom WPS pin. An attacker can exploit the command injection to change
CVE-2022-41482 The Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was found to have a buffer overflow.
An attacker can exploit this vulnerability by sending a specially crafted request to the 0x47c5dc function. It is advised to update Tenda AC1200 US_AC6V2.