VYPR

Escan

by MicroWorld Technologies

CVEs (5)

  • CVE-2024-13990CriSep 19, 2025
    risk 0.60cvss epss 0.01

    MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates: update packages were delivered and accepted without robust cryptographic verification. As a result, an on-path attacker could perform a man-in-the-middle (MitM) attack and substitute…

  • CVE-2008-1221Mar 10, 2008
    risk 0.03cvss epss 0.03

    Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command.

  • CVE-2018-18388Dec 20, 2018
    risk 0.00cvss epss 0.02

    eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.

  • CVE-2007-2687May 24, 2007
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan before 9.0.718.1 allows remote attackers to execute arbitrary code via a long command.

  • CVE-2007-0655May 2, 2007
    risk 0.00cvss epss 0.03

    The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly other versions, allows remote or local attackers to gain privileges and execute arbitrary commands by connecting directly to TCP port 2222.