CVSSv3 Score: 2.6 A Direct Request (‘Forced Browsing’) [CWE-425] vulnerability in FortiAuthenticator logs may allow an authenticated attacker with at least sponsor permissions to read and download device logs via...
Read MoreOverview An unauthenticated HTTP request can enable telnet which may lead to remote code execution with root-level privileges. Description TOTOLINK manufactures routers and other networking equipment designed for small...
Read MoreThreat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan...
Read MoreCVSSv3 Score: 6.8 An improper neutralization of special elements used in an SQL command (‘SQL injection’) [CWE-89] in FortiVoice may allow an authenticated privileged attacker to execute unauthorized code or commands...
Read MoreOverview PCI Express Integrity and Data Encryption (PCIe IDE), introduced in the PCIe 6.0 standard, provides link-level encryption and integrity protection for data transferred across PCIe connections. Several issues were...
Read More