Every CVE whose affected-product data names Pentasecurity Wapples, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-35413 — CVSS 9.8 (critical): WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and…
CVE-2022-35582 — CVSS 8.8 (high): Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. The operating system that WAPPLES…
CVE-2022-31322 — CVSS 7.8 (high): Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged…
CVE-2022-31324 — CVSS 6.5 (medium): An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows…