288 matches found
Input validation
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
Improper access control
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
CVE-2022-45724
CVE-2022-45724 concerns the Comfast CF-WR6110N router (v2.3.1) with an Incorrect Access Control flaw. On a network-adjacent host, an attacker can send HTTP requests to an unauthenticated page to force the device to generate a SESSION_ID, which can then be used to perform authenticated requests. T...
CVE-2022-45725
CVE-2022-45725 affects Comfast CF-WR6110N router (firmware version 2.3.1). The issue is improper input validation that could allow a remote, adjacent-network attacker to execute arbitrary code via HTTP POST requests. Exploitation details (payloads, specific endpoints, affected firmware variants b...
CVE-2022-45724
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
CVE-2022-45725
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
COMFAST CF-WR6110N 输入验证错误漏洞
The COMFAST CF-WR6110N is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-WR6110N version V2.3.1, which originates from incorrect input validation and allows remote attackers on the same network to execute arbitrary code on the target via an...
CVE-2022-45724
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
CVE-2022-45725
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
COMFAST CF-WR6110N 授权问题漏洞
COMFAST CF-WR6110N is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in the COMFAST CF-WR6110N version V2.3.1, which originates from incorrect access control and allows a remote attacker on the same network to perform any HTTP request to an unauthenticate...
CVE-2022-47700
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...
CVE-2022-47701
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
CVE-2022-47698
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
CVE-2022-47698
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
CVE-2022-47701
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
Cross site scripting
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...