Milesight Devicehub

6 CVEs affecting Milesight Devicehub. Latest disclosed: 2024-06-02. Critical: 4, High: 1.

Top CVEs affecting Milesight Devicehub
CVESeverityScorePublishedSummary
CVE-2024-36388Critical10.02024-06-02MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
CVE-2024-36389Critical9.82024-06-02MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
CVE-2024-27776Critical9.82024-06-02MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
CVE-2024-36391Critical9.12024-06-02MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
CVE-2024-36390High7.52024-06-02MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service
CVE-2024-36392Medium6.12024-06-02MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')