Note:
This project will be discontinued after December 13, 2021. [more]
Product:
14finger
(B1ackc4t)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-07-05 | CVE-2024-37767 | Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access all user information via a crafted GET request. | 14finger | N/A | ||
| 2024-07-10 | CVE-2024-37770 | 14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload. | 14finger | N/A | ||
| 2024-07-05 | CVE-2024-37768 | 14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id. | 14finger | 9.1 | ||
| 2024-07-05 | CVE-2024-37769 | Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request. | 14finger | 8.8 |