Day: Ağustos 17, 2022

CVE-2022-1410

OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to execute remote code on the device. This…

Devamını oku

CVE-2022-1401

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with…

Devamını oku

CVE-2022-1400

Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance, allows an attacker to…

Devamını oku

CVE-2022-1399

An Argument Injection or Modification vulnerability in the “Change Secret” username field as used in the Discovery component of Device42 CMDB allows a local attacker…

Devamını oku