Every CVE whose affected-product data names Lcnet Smart Evision, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-39033 — CVSS 9.8 (critical): Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the…
CVE-2022-39032 — CVSS 8.8 (high): Smart eVision has an improper privilege management vulnerability. A remote attacker with general user privilege can exploit this…
CVE-2022-39030 — CVSS 7.5 (high): smart eVision has inadequate authorization for system information query function. An unauthenticated remote attacker, who is not explicitly…
CVE-2022-39029 — CVSS 6.5 (medium): Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not…
CVE-2022-39034 — CVSS 6.5 (medium): Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. A…
CVE-2022-39035 — CVSS 6.1 (medium): Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. An unauthenticated…
CVE-2022-39031 — CVSS 5.3 (medium): Smart eVision has insufficient authorization for task acquisition function. An unauthorized remote attacker can exploit this vulnerability…