Kramerav Viaware vulnerabilities
2 known vulnerabilities affecting kramerav/viaware.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2021-36356P1CRITICALCVSS 9.8ExploitedPoC≤ 2021-082021-08-31
CVE-2021-36356 [CRITICAL] CVE-2021-36356: KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPag
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.
nvd
CVE-2019-17124P2CRITICALCVSS 9.8PoCv2.5.0719.10342019-10-09
CVE-2019-17124 [CRITICAL] CWE-276 CVE-2019-17124: Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
nvd