Hgiga Oaklouds_portal
5 CVEs affecting Hgiga Oaklouds_portal. Latest disclosed: 2023-03-27. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25909 | Critical | 9.8 | 2023-03-27 | HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability… |
CVE-2021-37913 | Critical | 9.8 | 2021-09-15 | The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers… |
CVE-2021-37912 | Critical | 9.8 | 2021-09-15 | The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attacke… |
CVE-2022-38118 | High | 8.8 | 2022-08-30 | OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user privilege can perform SQL-injection to a… |
CVE-2021-22850 | Medium | 5.3 | 2021-01-19 | HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. |