CVE-2024-48788
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.
CVSS
7.5
High
EPSS
0.6%
p43
KEV
—
Exploit Today
13
0-100
Published: Oct 11, 2024 · Last modified: Jul 5, 2026 · CWE-319
0.6%EPSS · 30 days0.6%
2026-06-302026-07-17
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-318237.5 HIG47.0%
——14An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function.9dCVE-2024-388917.5 HIG35.4%
——11An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.12dCVE-2023-390867.5 HIG23.4%
——7ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.9dCVE-2025-564479.8 CRI19.3%
——6TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.12dCVE-2025-671597.5 HIG17.4%
——5Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.13dCVE-2024-400904.3 MED16.4%
——5Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack via sending a GET request to the index page.13d