PCIe
by RELY-PCIe
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-44577 | Hig | 0.57 | 8.8 | 0.01 | Sep 11, 2024 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function. | ||
| CVE-2024-44574 | Hig | 0.57 | 8.8 | 0.01 | Sep 11, 2024 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function. | ||
| CVE-2024-44571 | Hig | 0.57 | 8.8 | 0.00 | Sep 11, 2024 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php. | ||
| CVE-2024-44570 | Hig | 0.57 | 8.8 | 0.00 | Sep 11, 2024 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php. | ||
| CVE-2024-44573 | Med | 0.31 | 4.7 | 0.00 | Sep 11, 2024 | A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||
| CVE-2024-44575 | Low | 0.24 | 3.7 | 0.00 | Sep 11, 2024 | RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session. |
- risk 0.57cvss 8.8epss 0.01
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function.
- risk 0.57cvss 8.8epss 0.01
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function.
- risk 0.57cvss 8.8epss 0.00
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php.
- risk 0.57cvss 8.8epss 0.00
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.
- risk 0.31cvss 4.7epss 0.00
A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
- risk 0.24cvss 3.7epss 0.00
RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.