Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-44343PUBLISHED: 2023-02-06CRMEB 4.4.4 is vulnerable to Any File download.
CVE-2022-48085PUBLISHED: 2023-02-06Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter.
CVE-2022-48164PUBLISHED: 2023-02-06An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
CVE-2021-36224PUBLISHED: 2023-02-06Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
CVE-2021-36225PUBLISHED: 2023-02-06Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as demonstrated by API commands for firmware uploads and installation.