zty-1995
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-24122 | |
| [PRODUCT] | |
| Wanxing Technology's Yitu project Management Software - 3.2.2 | |
| [VERSION] | |
| Wanxing Technology's Yitu project Management Software - 3.2.2 | |
| [PROBLEM TYPE] | |
| remote Code Execution | |
| [DESCRIPTION] | |
| There is a remote code execution vulnerability in the project management of Wanxing Technology's Yitu project.Attackers can construct a special file name, automatically execute the constructed attack script |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-24116 | |
| [PRODUCT] | |
| RG-NBS2009G-P - RGOS 10.4(1)P2 Release(9736) | |
| [VERSION] | |
| RG-NBS2009G-P - RGOS 10.4(1)P2 Release(9736) | |
| [PROBLEM TYPE] | |
| Incorrect Access Control | |
| [DESCRIPTION] | |
| The RG-NBS2009G-P switch has an unauthorized access vulnerability, allowing attackers to gain server privileges and cause the server to crash. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-24117 | |
| [PRODUCT] | |
| RG-NBS2009G-P - RGOS 10.4(1)P2 Release(9736) | |
| [VERSION] | |
| RG-NBS2009G-P - RGOS 10.4(1)P2 Release(9736) | |
| [PROBLEM TYPE] | |
| Insecure Permissions | |
| [DESCRIPTION] | |
| The Ruijie RG-NBS2009G-P switch has an arbitrary user login vulnerability, which allows attackers to gain server privileges and cause the server to crash. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-48779 | |
| [PRODUCT] | |
| Wanxing Technology's Yitu project Management Software 3.2.2 - Wanxing Technology's Yitu project Management Software 3.2.2 | |
| [VERSION] | |
| Wanxing Technology's Yitu project Management Software 3.2.2 - Wanxing Technology's Yitu project Management Software 3.2.2 | |
| [PROBLEM TYPE] | |
| remote Code Execution | |
| [DESCRIPTION] | |
| An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the directory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-48781 | |
| [PRODUCT] | |
| Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 - Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 | |
| [VERSION] | |
| Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 - Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 | |
| [PROBLEM TYPE] | |
| Remote | |
| [DESCRIPTION] | |
| An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote attacker to execute arbitrary code via a specially constructed so file/opt/EdrawProj-2/plugins/imageformat |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-48782 | |
| [PRODUCT] | |
| DYCMS Open Source Version v2.0.9.41 - DYCMS Open Source Version v2.0.9.41 | |
| [VERSION] | |
| DYCMS Open Source Version v2.0.9.41 - DYCMS Open Source Version v2.0.9.41 | |
| [PROBLEM TYPE] | |
| file upload vulnerability | |
| [DESCRIPTION] | |
| File Upload vulnerability in DYCMS Open-Source Version v2.0.9.41 allows a remote attacker to execute arbitrary code via the application only detecting the extension of image files in the front-end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [PRODUCT] | |
| Ruijie NBR3000D-E gateway - Ruijie NBR3000D-E gateway | |
| [VERSION] | |
| Ruijie NBR3000D-E gateway - Ruijie NBR3000D-E gateway | |
| [PROBLEM TYPE] | |
| file upload vulnerability | |
| [DESCRIPTION] | |
| An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via the /tool/shell/postgresql.conf component. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2024-51027 | |
| [PRODUCT] | |
| Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 | |
| [VERSION] | |
| Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 | |
| [PROBLEM TYPE] | |
| command execution vulnerability | |
| [DESCRIPTION] | |
| Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi/networksafe.php via the province parameter.An attacker can obtain server permissions through the vulnerability, causing the server to crash. |