Search
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20052 | 1 Cerner | 2 Connectivity Engine 4, Connectivity Engine 4 Firmware | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command. | |||||
| CVE-2018-16752 | 1 Linknet-usa | 2 Lw-n605r, Lw-n605r Firmware | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases. | |||||