Browse all 7 CVE security advisories affecting duogeek. AI-powered Chinese analysis, POCs, and references for each vulnerability.
DuoGeek provides multi-factor authentication and identity-based security solutions, primarily serving organizations requiring secure access controls. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, with seven CVEs documented to date. The platform's security architecture emphasizes zero-trust principles, though past incidents have involved authentication bypass weaknesses in API endpoints. DuoGeek's integration capabilities have introduced additional attack surfaces, particularly in third-party connector implementations. Recent updates focus on improving input validation and session management to address recurring vulnerability patterns across their authentication workflows.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-51618 | WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Custom Admin MenuCWE-79 | 6.5 | Medium | 2024-11-09 |
This page lists every published CVE security advisory associated with duogeek. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.