CVE-2024-0387

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-1188
View all →

Vulnerability Description

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.

Related Vulnerabilities

CVE-2020-12732

MEDIUM
CVSS:6.5(Medium)

DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.

CWE-11882020

CVE-2021-41192

MEDIUM
CVSS:6.5(Medium)

Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment...

CWE-11882021

CVE-2022-32480

MEDIUM
CVSS:6.5(Medium)

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated atta...

CWE-11882022

CVE-2023-31101

MEDIUM
CVSS:6.5(Medium)

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined ...

CWE-11882023

CVE-2023-5368

MEDIUM
CVSS:6.5(Medium)

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather...

CWE-11882023

CVE-2025-29985

MEDIUM
CVSS:6.5(Medium)

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker ...

CWE-11882025