19 matches found
EUVD-2022-50458
Malicious code in bioql PyPI...
CVE-2022-47700
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47701
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
Cross site scripting
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
Cross site scripting
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
Authentication flaw
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...
Design/Logic Flaw
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47699
COMFAST CF-WR623N Router firmware version V2.3.0.1 is affected by an Incorrect Access Control vulnerability (CVE-2022-47699). Root cause: access control error in the firmware. Impact: high severity across confidentiality, integrity, and availability; exploitable over network with no authenticatio...
CVE-2022-47700
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...
CVE-2022-47698
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47700
The CVE-2022-47700 entry concerns COMFAST CF-WR623N Router firmware versions V2.3.0.1 and earlier, affected by Incorrect Access Control due to improper authentication that allows requests to back-end scripts without a valid session. The vulnerability has a high severity (CVSS v3.1 base score 7.5,...
PT-2023-15461 · Comfast · Comfast Cf-Wr623N
Name of the Vulnerable Software and Affected Versions: COMFAST CF-WR623N Router firmware version V2.3.0.1 Description: The issue is related to Cross Site Scripting XSS via the URL filtering feature in the router. This means an attacker could potentially inject malicious scripts into the website,...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
PT-2023-15462 · Comfast · Comfast Cf-Wr623N
Name of the Vulnerable Software and Affected Versions: COMFAST CF-WR623N Router firmware version V2.3.0.1 Description: The issue is related to Incorrect Access Control. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents...