Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-15

CWE-15

External Control of System or Configuration Setting

Parent: CWE-642 - External Control of Critical State Data

One or more system settings or configuration elements can be externally controlled by a user.

58 vulnerabilities with CWE-15

CVE-2024-39799 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - RCE

CVE-2024-39798 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - RCE

CVE-2024-39795 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Permission Bypass

CVE-2024-39794 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Auth Bypass

CVE-2024-39793 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Auth Bypass

CVE-2024-39790 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Auth Bypass

CVE-2024-39789 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Config Injection

CVE-2024-39788 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Config Injection

CVE-2024-39602 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - RCE

CVE-2024-39280 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - RCE

CVE-2024-38666 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Command Injection

CVE-2024-54097 HIGH

HiView - Info Disclosure

CVE-2024-51544 HIGH

Service Control - Info Disclosure

CVE-2024-51543 HIGH

ABB ASPECT <3.08.02, NEXUS Series <3.08.02, MATRIX Series <3.08.02 ...

CVE-2024-50358 HIGH

Advantech - External Control of System or Configuration Setting

CVE-2024-10979 HIGH

PostgreSQL <17.1-12.21 - Code Injection

CVE-2024-21583 MEDIUM

github.com/gitpod-io/gitpod - Info Disclosure

CVE-2024-4326 CRITICAL

parisneo/lollms-webui <9.3 - RCE

CVE-2024-23639 MEDIUM

Micronaut Framework - Info Disclosure

CVE-2023-6154 HIGH

Bitdefender - Code Injection

CVE-2023-50252 HIGH

Dompdf Php-svg-lib < 0.5.1 - Insecure Deserialization

CVE-2023-46764 MEDIUM

Background Apps - Info Disclosure

CVE-2023-46248 CRITICAL

Cody AI VSCode Extension <0.14.0 - RCE

CVE-2023-43323 MEDIUM

mooSocial 3.1.8 - SSRF

CVE-2023-4704 MEDIUM

instantsoft/icms2 <2.16.1 - Elevation of Privilege

Previous Page 2 of 3 Next

Details

Vulnerabilities 58

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy