VYPR

VIAware

by KramerAV

CVEs (3)

  • CVE-2021-35064CriJul 12, 2021
    risk 0.72cvss 9.8epss 0.71

    KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg.

  • CVE-2021-36356CriAug 31, 2021
    risk 0.71cvss 9.8epss 0.54

    KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an…

  • CVE-2019-17124CriOct 9, 2019
    risk 0.69cvss 9.8epss 0.23

    Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.