| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-43662 | Authenticated arbitrary file upload to /tmp/ and /tmp/upload/ | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43659 | Plaintext default credentials in firmware | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43657 | When uploading new firmware, a shell script inside a firmware file is executed during its processing. This can be used to craft a custom firmware file with a custom script with arbitrary code, which will then be executed on the charging station. | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43656 | A backup can be manipulated and then restored to create arbitrary files inside the <redacted> directory. A CGI script can be added to the web directory this way, allowing for full remote code execution. | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43652 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | Iocharger | Iocharger firmware for AC chargers | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43650 | Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43648 | Authenticated command injection via <redacted>.exe <redacted> parameter | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:46 | Deep Dive |
| CVE-2024-43655 | Any authenticated users can execute OS commands as root using the <redacted>.sh CGI script. | Iocharger | Iocharger firmware for AC models | 中危 | - | 2025-01-09 07:56:45 | Deep Dive |
| CVE-2024-9200 | Zyxel VMG4005-B50A 安全漏洞 | Zyxel | VMG4005-B50A firmware | High | 7.2 | 2024-12-03 01:33:47 | Deep Dive |
| CVE-2024-9197 | Zyxel VMG3625-T50B 安全漏洞 | Zyxel | VMG3625-T50B firmware | Medium | 4.9 | 2024-12-03 01:24:37 | Deep Dive |
| CVE-2024-8748 | Zyxel VMG8825-T50K 安全漏洞 | Zyxel | VMG8825-T50K firmware | High | 7.5 | 2024-12-03 01:15:47 | Deep Dive |
| CVE-2024-11667 | Zyxel多款产品 路径遍历漏洞 | Zyxel | ATP series firmware | High | 7.5 | 2024-11-27 09:39:42 | Deep Dive |
| CVE-2024-11494 | Zyxel P-6101C 授权问题漏洞 | Zyxel | P-6101C firmware | High | 7.5 | 2024-11-20 09:36:07 | Deep Dive |
| CVE-2020-3431 | Cisco Small Business RV Series Routers Cross-Site Scripting Vulnerability | Cisco | Cisco Small Business RV Series Router Firmware | Medium | 6.1 | 2024-11-18 16:02:42 | Deep Dive |
| CVE-2021-1379 | Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities | Cisco | Cisco IP Phones with Multiplatform Firmware | Medium | 6.5 | 2024-11-18 15:42:00 | Deep Dive |
| CVE-2024-34167 | Intel Server Board S2600ST 代码问题漏洞 | - | Intel(R) Server Board S2600ST Family BIOS and Firmware Update software | Medium | 6.7 | 2024-11-13 21:11:37 | Deep Dive |
| CVE-2024-36282 | Intel Server Board S2600ST 输入验证错误漏洞 | - | Intel(R) Server Board S2600ST Family BIOS and Firmware Update software | High | 8.2 | 2024-11-13 21:11:36 | Deep Dive |
| CVE-2024-9413 | ARM SCP-Firmware 安全漏洞 | Arm | SCP-Firmware | - | - | 2024-11-13 16:09:26 | Deep Dive |
| CVE-2024-9477 | XSS in AirTies' Air4443 Firmware | AirTies | Air4443 Firmware | - | - | 2024-11-13 14:29:41 | Deep Dive |
| CVE-2024-8882 | Zyxel GS1900 安全漏洞 | Zyxel | GS1900-48 firmware | Medium | 4.5 | 2024-11-12 01:23:57 | Deep Dive |