Aggregates CVE and security vulnerability intelligence across all mutiny-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling, vendor risk denial of service, and vendor risk command injection, with potential vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-37832 | Mutiny 7.2.0-10788 suffers from Hardcoded root password. | [email protected] | 9.8 | 0.34% | 2022-12-16 | 2025-04-18 |
| CVE-2018-15529 | A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload. | [email protected] | 8.8 | 21.45% | 2018-08-28 | 2024-11-21 |
| CVE-2013-0136 | Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbitrary files, or cause a denial of service (file deletion or renaming) via (1) the uploadPath parameter in an UPLOAD operation; the paths[] parameter in a (2) DELETE, (3) CUT, or (4) COPY operation; or the newPath parameter in a (5) CUT or (6) COPY operation. | [email protected] | 8.5 | 72.14% | 2013-06-01 | 2026-04-29 |
| CVE-2012-3001 | Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability." | [email protected] | 8.5 | 70.65% | 2012-10-22 | 2026-04-29 |