Lucene search
+L

136 matches found

Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.6 views

PT-2023-9252 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. The flaw exists within the HTTP server, where a...

8.8CVSS7.4AI score0.01205EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.11 views

PT-2023-9250 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: The issue is related to a stack-based buffer overflow in the uh get postdata withupload function of the HTTP server in Actiontec WCB6200Q Wi-Fi range extenders. This allows a...

8.8CVSS8.1AI score0.01119EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.7 views

PT-2023-9253 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the uh tcp recv header function of the HTTP server in the Actiontec WCB6200Q Wi-Fi range extender microprogram. This...

8.8CVSS7.6AI score0.01119EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.7 views

PT-2023-9251 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. The specific flaw exists within the HTTP server,...

8.8CVSS7.3AI score0.01119EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/11/10 12:0 a.m.20 views

SSL/TLS: Known Compromised/Static Certificate Detection

The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised/static e.g. known private keys, used by malware, etc. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

7.5CVSS6.6AI score0.01981EPSS
Exploits0References10
Cvelist
Cvelist
added 2019/11/13 9:54 p.m.20 views

CVE-2013-3097

Unspecified Cross-site scripting XSS vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router...

6.1AI score0.0146EPSS
Exploits0References4
CVE
CVE
added 2019/11/13 9:54 p.m.46 views

CVE-2013-3097

CVE-2013-3097 refers to an unspecified Cross-site Scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. The affected product is the Actiontec MI424WR-GEN3I router. Public documentation in the provided sources only reiterates the XSS description without revealing root c...

6.1CVSS6.1AI score0.0146EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2019/06/28 3:15 p.m.20 views

CVE-2018-15555

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...

10CVSS9.6AI score0.02974EPSS
Exploits1References2
OSV
OSV
added 2019/06/28 3:15 p.m.6 views

CVE-2018-15555

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...

9.8CVSS5.8AI score0.02974EPSS
Exploits1References2
Prion
Prion
added 2019/06/28 3:15 p.m.20 views

Default credentials

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...

10CVSS9.5AI score0.02974EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/06/28 2:34 p.m.28 views

CVE-2018-15555

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...

9.6AI score0.02974EPSS
Exploits1References2
CVE
CVE
added 2019/06/28 2:34 p.m.67 views

CVE-2018-15555

The CVE-2018-15555 entry affects Telus Actiontec WEB6000Q (v1.1.02.22). The vulnerability arises from on-board UART headers allowing an attacker with physical access to obtain root level access by using the credentials root/admin on the main OS (and root with no password in the Quantenna environm...

10CVSS9.5AI score0.02974EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2019/06/27 5:15 p.m.27 views

CVE-2018-15557

An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...

10CVSS8.6AI score0.03258EPSS
Exploits2References2
OSV
OSV
added 2019/06/27 5:15 p.m.7 views

CVE-2018-15557

An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...

8.8CVSS5.8AI score0.03258EPSS
Exploits2References2
NVD
NVD
added 2019/06/27 5:15 p.m.33 views

CVE-2018-15556

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

10CVSS9.6AI score0.03258EPSS
Exploits2References2
Prion
Prion
added 2019/06/27 5:15 p.m.15 views

Code injection

An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...

10CVSS8.5AI score0.03258EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2019/06/27 5:15 p.m.21 views

Default credentials

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

10CVSS9.5AI score0.03258EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2019/06/27 4:55 p.m.38 views

CVE-2018-15556

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

9.6AI score0.03258EPSS
Exploits2References2
CVE
CVE
added 2019/06/27 4:55 p.m.88 views

CVE-2018-15556

CVE-2018-15556 affects the Quantenna WiFi Controller in Telus Actiontec WEB6000Q (firmware v1.1.02.22). An attacker can log in as root with an empty password via the onboard UART headers, enabling full shell access. Public PoC material exists (PacketStorm/full disclosure) describing UART-based pr...

10CVSS9.5AI score0.03258EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2019/06/27 4:52 p.m.22 views

CVE-2018-15557

An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...

8.7AI score0.03258EPSS
Exploits2References2
Rows per page
Query Builder