136 matches found
PT-2023-9252 · Actiontec · Actiontec Wcb6200Q
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. The flaw exists within the HTTP server, where a...
PT-2023-9250 · Actiontec · Actiontec Wcb6200Q
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: The issue is related to a stack-based buffer overflow in the uh get postdata withupload function of the HTTP server in Actiontec WCB6200Q Wi-Fi range extenders. This allows a...
PT-2023-9253 · Actiontec · Actiontec Wcb6200Q
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the uh tcp recv header function of the HTTP server in the Actiontec WCB6200Q Wi-Fi range extender microprogram. This...
PT-2023-9251 · Actiontec · Actiontec Wcb6200Q
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. The specific flaw exists within the HTTP server,...
SSL/TLS: Known Compromised/Static Certificate Detection
The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised/static e.g. known private keys, used by malware, etc. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
CVE-2013-3097
Unspecified Cross-site scripting XSS vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router...
CVE-2013-3097
CVE-2013-3097 refers to an unspecified Cross-site Scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. The affected product is the Actiontec MI424WR-GEN3I router. Public documentation in the provided sources only reiterates the XSS description without revealing root c...
CVE-2018-15555
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...
CVE-2018-15555
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...
Default credentials
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...
CVE-2018-15555
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...
CVE-2018-15555
The CVE-2018-15555 entry affects Telus Actiontec WEB6000Q (v1.1.02.22). The vulnerability arises from on-board UART headers allowing an attacker with physical access to obtain root level access by using the credentials root/admin on the main OS (and root with no password in the Quantenna environm...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
Code injection
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
Default credentials
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15556
CVE-2018-15556 affects the Quantenna WiFi Controller in Telus Actiontec WEB6000Q (firmware v1.1.02.22). An attacker can log in as root with an empty password via the onboard UART headers, enabling full shell access. Public PoC material exists (PacketStorm/full disclosure) describing UART-based pr...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...