cbcvebase.

Flexense Sysgauge vulnerabilities

4 known vulnerabilities affecting flexense/sysgauge.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3

Vulnerabilities

Page 1 of 1
CVE-2017-6416P2CRITICALCVSS 9.8PoCv1.5.182017-03-06
CVE-2017-6416 [CRITICAL] CWE-119 CVE-2017-6416: An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verif An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
nvd
CVE-2018-5359P2HIGHCVSS 8.1PoCv3.6.182018-01-23
CVE-2018-5359 [HIGH] CWE-119 CVE-2018-5359: The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the att The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
nvd
CVE-2017-15667P3HIGHCVSS 7.5PoCv3.6.182017-12-28
CVE-2017-15667 [HIGH] CWE-20 CVE-2017-15667: In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attac In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221.
nvd
CVE-2020-36930P3HIGHCVSS 7.8v7.9.182026-01-16
CVE-2020-36930 [HIGH] CWE-428 CVE-2020-36930: SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configurat SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges.
nvd