Thinkagile Hx1021 Edg CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-40137	1 Lenovo	571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more	2025-03-27	6.7 Medium
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2023-4607	1 Lenovo	231 Thinkagile Hx1021 Edg, Thinkagile Hx1021 Edg Firmware, Thinkagile Hx1320 and 228 more	2024-12-03	7.5 High
An authenticated XCC user can change permissions for any user through a crafted API command.
CVE-2024-8278	1 Lenovo	139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more	2024-09-14	7.2 High
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.
CVE-2024-8280	1 Lenovo	139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more	2024-09-14	7.2 High
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service using a specially crafted file.
CVE-2024-8281	1 Lenovo	139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more	2024-09-14	7.2 High
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input in the XCC SSH captive shell.
CVE-2024-8279	1 Lenovo	139 Thinkagile Hx1021 Edge Certified Node 3yr Firmware, Thinkagile Hx1320 Firmware, Thinkagile Hx1321 Firmware and 136 more	2024-09-14	7.2 High
A privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.

Page 1 of 1.