CWE-419 · Unprotected Primary Channel
11 CVEs classified under CWE-419 (Unprotected Primary Channel). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2414 | High | 8.8 | 2024-03-13 | The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and pr… |
CVE-2024-3051 | High | 7.5 | 2024-04-26 | Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowle… |
CVE-2023-30859 | High | 7.2 | 2023-05-01 | Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands… |
CVE-2025-24030 | High | 7.1 | 2025-01-23 | Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes… |
CVE-2023-6533 | Medium | 6.5 | 2024-02-21 | Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After… |
CVE-2019-11248 | Medium | 6.5 | 2019-08-29 | The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port… |
CVE-2022-33932 | Medium | 5.3 | 2022-08-22 | Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An un… |
CVE-2025-31964 | Low | 2.2 | 2026-01-07 | Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability… |
CVE-2024-50588 | | 2024-11-08 | An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant… | |
CVE-2018-12120 | | 2018-11-28 | Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `nod… | |
CVE-2018-12539 | | 2018-08-14 | In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same mac… |