136 matches found
CVE-2019-12789
An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence Ctrl-\ to obtain a shell with root privileges. After gaining root access, the attacker can...
CVE-2013-3097
Unspecified Cross-site scripting XSS vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router...
The vulnerability of the uh_get_postdata_withupload() function on the HTTP server of the Actiontec WCB6200Q Wi-Fi extension software allows a hacker to execute arbitrary code.
The vulnerability of the uhgetpostdatawithupload function on the HTTP server of the Actiontec WCB6200Q Wi-Fi extension software-related microprogramming devices is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to...
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software from Actiontec, the WCB6200Q, allows a hacker to execute arbitrary code.
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi extension software from Actiontec, WCB6200Q, is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the uh_tcp_recv_content() function in the HTTP-server of the microprogrammed Wi-Fi extension software from Actiontec WCB6200Q allows a hacker to execute arbitrary code.
The vulnerability of the uhtcprecvcontent function on the HTTP-server of the Actiontec WCB6200Q Wi-Fi extension software-related microprogramming devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker operati...
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software from Actiontec, the WCB6200Q, allows a hacker to execute arbitrary code.
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software Actiontec WCB6200Q is related to the use of uncontrolled format strings in processing HTTP request headers. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2024-6145
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6146
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6145
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6144
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6143
Actiontec WCB6200Q uhtcprecvheader Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specifi...
CVE-2024-6143
Actiontec WCB6200Q uhtcprecvheader Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specifi...
CVE-2024-6142
Actiontec WCB6200Q uhtcprecvcontent Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specif...
CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146
CVE-2024-6146 concerns Actiontec WCB6200Q with a stack-based buffer overflow in the HTTP server function responsible for handling postdata with upload (uh_get_postdata_withupload). The flaw arises from insufficient validation of user-supplied data length before copying into a fixed-length stack-b...
CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6145
The CVE-2024-6145 entry concerns Actiontec WCB6200Q routers. Concrete details in connected documents show that the vulnerability exists in the HTTP server, where a crafted Cookie header can trigger a format specifier from a user-supplied string, allowing a network-adjacent attacker to execute arb...
CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...