Every CVE whose affected-product data names Uniguest Tripleplay, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-50704 — CVSS 10.0 (critical): Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code…
CVE-2024-50707 — CVSS 10.0 (critical): Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code…
CVE-2024-50706 — CVSS 9.8 (critical): Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries…
CVE-2023-25760 — CVSS 8.8 (high): Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords…
CVE-2024-50705 — CVSS 7.1 (high): Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute…
CVE-2023-26599 — CVSS 6.1 (medium): XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run…
CVE-2023-25759 — CVSS 5.4 (medium): OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to…