Known Vulnerabilities
CVE-2024-36391
MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
CRITICAL
CVSS 9.1
Published Jun 02, 2024
CVE-2024-36390
MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service
HIGH
CVSS 7.5
Published Jun 02, 2024
CVE-2024-36389
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
CRITICAL
CVSS 9.8
Published Jun 02, 2024
CVE-2024-36388
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
CRITICAL
CVSS 10.0
Published Jun 02, 2024
CVE-2024-27776
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
CRITICAL
CVSS 9.8
Published Jun 02, 2024