Escanav

escanav

28 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Escan Anti Virus

escan_anti-virus

Escan Management Console

escan_management_console

Escan Internet Security Suite

escan_internet_security_suite

CVEs (28)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-31703 1Escanav 1Escan Management Console Jan 22, 2025 May 17, 2023 N/A· v4 9.0 CRITICAL· v3 N/A· v2 Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
CVE-2023-31702 1Escanav 1Escan Management Console Jan 22, 2025 May 17, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server v...Show more SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1.Show less
CVE-2021-26624 1Escanav 1Escan Anti Virus Nov 21, 2024 Apr 1, 2022 N/A· v4 8.8 HIGH· v3 10.0 HIGH· v2 An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vuln...Show more An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.Show less
CVE-2018-18388 1Escanav 1Escan Anti Virus Nov 21, 2024 Dec 20, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.
CVE-2018-10098 1Escanav 1Escan Internet Security Suite Nov 21, 2024 Jul 13, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).
CVE-2018-6203 1Escanav 1Anti Virus Nov 21, 2024 Jan 25, 2018 N/A· v4 7.8 HIGH· v3 6.1 MEDIUM· v2 In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002...Show more In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300210C.Show less
CVE-2018-6202 1Escanav 1Anti Virus Nov 21, 2024 Jan 25, 2018 N/A· v4 7.8 HIGH· v3 6.1 MEDIUM· v2 In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002...Show more In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F8.Show less
CVE-2018-6201 1Escanav 1Anti Virus Nov 21, 2024 Jan 25, 2018 N/A· v4 7.8 HIGH· v3 6.1 MEDIUM· v2 In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002...Show more In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020E0 or 0x830020E4.Show less