VYPR

Devicehub

by Milesight

CVEs (6)

  • CVE-2024-36388CriJun 2, 2024
    risk 0.65cvss 10.0epss 0.00

    MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function

  • CVE-2024-36389CriJun 2, 2024
    risk 0.64cvss 9.8epss 0.01

    MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass

  • CVE-2024-27776CriJun 2, 2024
    risk 0.64cvss 9.8epss 0.01

    MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE

  • CVE-2024-36391CriJun 2, 2024
    risk 0.59cvss 9.1epss 0.00

    MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic

  • CVE-2024-36390HigJun 2, 2024
    risk 0.49cvss 7.5epss 0.00

    MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service

  • CVE-2024-36392MedJun 2, 2024
    risk 0.40cvss 6.1epss 0.00

    MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')