Recent CVEs
CVE-2024-9188
Specially constructed queries cause cross platform scripting leaking administrator tokens
CVE-2024-47520
A user with advanced report application access rights can perform actions for which they are not authorized
CVE-2024-47519
Backup uploads to ETM subject to man-in-the-middle interception
CVE-2024-47518
Specially constructed queries targeting ETM could discover active remote access sessions
CVE-2024-47517
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
CVE-2024-9134
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
CVE-2024-9133
A user with administrator privileges is able to retrieve authentication tokens
CVE-2024-9132
The administrator is able to configure an insecure captive portal script
CVE-2024-9131
A user with administrator privileges can perform command injection