71 matches found
Design/Logic Flaw
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password...
CVE-2022-45600
CVE-2022-45600 affects Aztech WMB250AC Mesh Routers (Firmware 016 2020). The root cause is improper session management that enables a web-authenticated attacker to bypass authentication and escalate to root by injecting commands via a web portal. A command-injection vulnerability exists in multip...
CVE-2022-45600
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login...
Aztech WMB250AC 命令注入漏洞
The Aztech WMB250AC is a wireless router from Aztech. A security vulnerability exists in the Aztech WMB250AC Mesh Routers Firmware version 016 2020 that stems from incorrectly managing sessions. An attacker could use the vulnerability to bypass authentication and execute arbitrary commands with...
CVE-2022-45600
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login...
CVE-2022-45599
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password...
Aztech WMB250AC 安全漏洞
The Aztech WMB250AC is a wireless router from Aztech. A security vulnerability exists in Aztech WMB250AC Mesh Routers Firmware version 016 2020. An attacker can exploit the vulnerability to elevate privileges...
CVE-2022-45599
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password...
CVE-2022-45599
Aztech WMB250AC Mesh Routers (Firmware 016 2020) 有 a PHP Type Juggling vulnerability in /var/www/login.php. The weakness stems from using loose comparison (==) for authentication, which allows an attacker to bypass admin credentials if the admin’s MD5 hash begins with 0e followed by digits. PoC d...
Exploit for Command Injection in Aztech Wmb250Ac_Firmware
CVE-2022-45600 | CVE URL: | https://vulners.com/cve...
Aztech Modem Routers Information Disclosure Vulnerability
Aztech Modem Routers is an all-in-one modem and router product from the Aztech group of companies in Singapore. An information disclosure vulnerability exists in Aztech Modem Routers. The vulnerability can be exploited by an attacker to gain access to sensitive information, which can be used to...
Multiple Aztech Modem Router Products Session Hijacking Vulnerability
Aztech Modem Routers is an all-in-one modem and router product from the Aztech group of companies in Singapore. A session hijacking vulnerability exists in multiple Aztech Modem Routers products. An attacker could exploit this vulnerability to gain access to affected devices...
Denial of Service Vulnerability in Multiple Aztech Routers
Aztech DSL5018EN, DSL705E and DSL705EU are router products from the Aztech Group of companies in Singapore. A denial of service vulnerability exists in multiple Aztech routers. An attacker could exploit this vulnerability to crash an affected device, resulting in a denial of service...
Design/Logic Flaw
cgi-bin/AZRetrain.cgi in Aztech ADSL DSL5018EN 1T1R, DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service WAN connectivity reset via a direct request...
CVE-2014-6435
cgi-bin/AZRetrain.cgi in Aztech ADSL DSL5018EN 1T1R, DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service WAN connectivity reset via a direct request...
CVE-2014-6436
Aztech ADSL DSL5018EN 1T1R, DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login...
Information disclosure
Aztech ADSL DSL5018EN 1T1R, DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file...
CVE-2014-6437
Aztech ADSL DSL5018EN 1T1R, DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file...
CVE-2014-6435
CVE-2014-6435 affects Aztech ADSL router models DSL5018EN (1T1R), DSL705E, and DSL705EU. The vulnerability is in the CGI script /cgi-bin/AZ_Retrain.cgi which does not require authentication, enabling an unauthenticated remote attacker to trigger a denial of service by resetting WAN connectivity. ...
CVE-2014-6436
CVE-2014-6436 affects Aztech ADSL modem/router models DSL5018EN (1T1R), DSL705E, and DSL705EU. Connected sources confirm broken session management that allows bypassing authentication and may lead to remote command execution or DoS via unauthenticated web portal access (e.g., CGI endpoints like /...