Flexsense Diskboss vulnerabilities
4 known vulnerabilities affecting flexsense/diskboss.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4
Vulnerabilities
Page 1 of 1
CVE-2020-36879P3HIGHCVSS 8.5v11.7.282025-12-05
CVE-2020-36879 [HIGH] CWE-428 CVE-2020-36879: Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of
Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code execution during startup or reboot with escalated privileges. Attackers can exploit the unquoted service path vulnerability by specifying a malicious service name in the 'sc qc' command, allowing them to execute arbit
nvd
CVE-2020-36882P3HIGHCVSS 7.5v7.7.142025-12-05
CVE-2020-36882 [HIGH] CWE-434 CVE-2020-36882: Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Se
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
nvd
CVE-2020-36881P3HIGHCVSS 7.8v7.7.142025-12-05
CVE-2020-36881 [HIGH] CWE-119 CVE-2020-36881: Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' co
Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Input Directory' component that allows unauthenticated attackers to execute arbitrary code on the system. Attackers can exploit this by pasting a specially crafted directory path into the 'Add Input Directory' field.
nvd
CVE-2020-36880P3HIGHCVSS 7.8v7.7.142025-12-05
CVE-2020-36880 [HIGH] CWE-119 CVE-2020-36880: Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Di
Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Directory' field that allows an attacker to execute arbitrary code on the system.
nvd