Flexense Sysgauge vulnerabilities
4 known vulnerabilities affecting flexense/sysgauge.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2017-6416P2CRITICALCVSS 9.8PoCv1.5.182017-03-06
CVE-2017-6416 [CRITICAL] CWE-119 CVE-2017-6416: An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verif
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
nvd
CVE-2018-5359P2HIGHCVSS 8.1PoCv3.6.182018-01-23
CVE-2018-5359 [HIGH] CWE-119 CVE-2018-5359: The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the att
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
nvd
CVE-2017-15667P3HIGHCVSS 7.5PoCv3.6.182017-12-28
CVE-2017-15667 [HIGH] CWE-20 CVE-2017-15667: In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attac
In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9221.
nvd
CVE-2020-36930P3HIGHCVSS 7.8v7.9.182026-01-16
CVE-2020-36930 [HIGH] CWE-428 CVE-2020-36930: SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configurat
SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges.
nvd