Easylog Web\+ Firmware CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-48389	1 Multisuns	2 Easylog Web\+, Easylog Web\+ Firmware	2024-12-02	7.5 High
Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files.
CVE-2023-48390	1 Multisuns	2 Easylog Web\+, Easylog Web\+ Firmware	2024-11-21	9.8 Critical
Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service.
CVE-2023-48388	1 Multisuns	2 Easylog Web\+, Easylog Web\+ Firmware	2024-11-21	9.8 Critical
Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.

Page 1 of 1.