CVE-2024-43390

HIGH Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-74
View all →

Vulnerability Description

A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.

Related Vulnerabilities

CVE-2013-2678

HIGH
CVSS:8.1(High)

Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted ...

CWE-742013

CVE-2013-3212

HIGH
CVSS:8.1(High)

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code.

CWE-742013

CVE-2015-4075

HIGH
CVSS:8.1(High)

The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task.

CWE-742015

CVE-2016-10845

HIGH
CVSS:8.1(High)

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).

CWE-742016

CVE-2016-10847

HIGH
CVSS:8.1(High)

cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).

CWE-742016

CVE-2018-1000130

HIGH
CVSS:8.1(High)

A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.

CWE-742018