Vendor Products CVEs KEV Avg EPSS Worst Severity 12 5 0 28.8% CRITICAL
CVE ID Description Severity CVSS KEV EPSS Published CVE-2024-5849 An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once. HIGH 7.1 — 27.5% Aug 13, 2024 CVE-2024-38502 An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once. HIGH 7.1 — 23.5% Aug 13, 2024 CVE-2024-38501 An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. MEDIUM 6.1 — 22.7% Aug 13, 2024 CVE-2024-6422 An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. CRITICAL 9.8 — 43.4% Jul 10, 2024 CVE-2024-6421 An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service. HIGH 7.5 — 39.7% Jul 10, 2024