CVE-2023-34435

HIGH Year: 2023
CVSS v3 Score
7.2
High
Weakness Type
CWE-347
View all →

Vulnerability Description

A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.

Related Vulnerabilities

CVE-2020-26122

HIGH
CVSS:7.2(High)

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in check...

CWE-3472020

CVE-2020-9047

HIGH
CVSS:7.2(High)

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterpri...

CWE-3472020

CVE-2021-22708

HIGH
CVSS:7.2(High)

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all version...

CWE-3472021

CVE-2021-22734

HIGH
CVSS:7.2(High)

Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthori...

CWE-3472021

CVE-2021-22735

HIGH
CVSS:7.2(High)

Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied ...

CWE-3472021

CVE-2021-32977

HIGH
CVSS:7.2(High)

AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.

CWE-3472021