cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-31573,https://securityvulnerability.io/vulnerability/CVE-2021-31573,Command Injection Vulnerability in MediaTek Config Manager,A command injection vulnerability exists in MediaTek's Config Manager due to inadequate input validation. This flaw allows a proximal attacker to escalate privileges without requiring any prior execution rights or user interaction. Immediate action is recommended to mitigate potential risks associated with this vulnerability.,MediaTek,"En7528, En7580",9.8,CRITICAL,0.0031300000846385956,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2021-31574,https://securityvulnerability.io/vulnerability/CVE-2021-31574,Command Injection Vulnerability in Mediatek Config Manager,"In Mediatek's Config Manager, a flaw exists that allows for command injection due to insufficient input validation. This vulnerability enables a proximal attacker to escalate privileges without needing any prior execution permissions. Notably, user interaction is not required for the exploitation of this issue, posing significant risks to systems using affected versions. Mediatek has issued a patch (A20210009) to mitigate this vulnerability, emphasizing the importance of timely updates to maintain security.",MediaTek,"En7528, En7580",9.8,CRITICAL,0.0031300000846385956,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2021-31575,https://securityvulnerability.io/vulnerability/CVE-2021-31575,Command Injection Vulnerability in MediaTek Config Manager,"In MediaTek's Config Manager, a potential command injection vulnerability exists owing to inadequate input validation. This flaw could allow an attacker in proximity to escalate their privileges remotely without requiring additional execution rights. Exploitation does not necessitate user interaction, which increases the risk. It's essential to address this vulnerability promptly to safeguard system integrity. For further information, refer to the patch ID A20210009.",MediaTek,"En7528, En7580",9.8,CRITICAL,0.0031300000846385956,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2021-31576,https://securityvulnerability.io/vulnerability/CVE-2021-31576,Information Disclosure Vulnerability in Boa by MediaTek,"A security issue has been identified in Boa, a lightweight web server from MediaTek. The flaw stems from a missing permission check, allowing a proximal attacker to potentially disclose sensitive information without requiring additional execution privileges. This vulnerability is exploitable remotely, and user interaction is not necessary for the attack to succeed. Immediate patching is recommended to mitigate the potential risks associated with this vulnerability. For more details, refer to the official MediaTek security acknowledgments.",MediaTek,"En7528, En7580",7.5,HIGH,0.00139999995008111,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2021-31577,https://securityvulnerability.io/vulnerability/CVE-2021-31577,Privilege Escalation in Boa Product by MediaTek,"A privilege escalation vulnerability has been identified in the Boa web server used by MediaTek. This issue arises from a missing permission check that allows a proximal attacker to escalate privileges without needing any additional execution rights. The vulnerability is particularly concerning as it doesn't require user interaction for successful exploitation, thus enabling remote attacks more easily. Users of affected versions should apply the patch provided by MediaTek to safeguard against potential unauthorized access.",MediaTek,"En7528, En7580",9.8,CRITICAL,0.0047599999234080315,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2021-31578,https://securityvulnerability.io/vulnerability/CVE-2021-31578,Stack Buffer Overflow in Boa Affects MediaTek Products,"A stack buffer overflow vulnerability exists in the Boa web server that could allow an attacker to escalate privileges remotely. Successful exploitation does not require any additional execution privileges or user interaction. This vulnerability underscores the importance of implementing timely patches and securing applications that rely on the Boa server. MediaTek has provided a patch to address this issue, therefore it is crucial for users to apply the latest updates to mitigate the risks associated with this vulnerability.",MediaTek,"En7528, En7580",9.8,CRITICAL,0.004040000028908253,false,false,false,false,,false,false,2023-02-06T00:00:00.000Z,0
CVE-2022-32664,https://securityvulnerability.io/vulnerability/CVE-2022-32664,Command Injection Vulnerability in MediaTek Config Manager,"In MediaTek's Config Manager, a command injection vulnerability exists due to insufficient input validation. This could potentially allow an attacker to escalate user privileges remotely, but it requires user interaction to exploit. Affected users are urged to apply patch A20220004 to mitigate the risk associated with this vulnerability.",MediaTek,"En7516, En7528, En7529, En7561, En7562, En7580",8.8,HIGH,0.0031300000846385956,false,false,false,false,,false,false,2023-01-03T00:00:00.000Z,0
CVE-2022-32665,https://securityvulnerability.io/vulnerability/CVE-2022-32665,Command Injection Vulnerability in Boa by MediaTek,"A vulnerability in Boa allows for command injection due to improper input validation. This security flaw enables potential remote escalation of privilege without requiring additional execution privileges or user interaction, posing significant risks to the system's integrity. Users with affected versions should apply the available patch urgently to mitigate the vulnerability.",MediaTek,"En7528, En7580",9.8,CRITICAL,0.0031300000846385956,false,false,false,false,,false,false,2023-01-03T00:00:00.000Z,0