EUVD-2022-48584

Malicious code in bioql PyPI...

EUVD-2022-50457

Malicious code in bioql PyPI...

EUVD-2022-50456

Malicious code in bioql PyPI...

EUVD-2022-50460

Malicious code in bioql PyPI...

EUVD-2022-50459

Malicious code in bioql PyPI...

EUVD-2022-48583

Malicious code in bioql PyPI...

COMFAST CF-XR11 安全漏洞

COMFAST CF-XR11 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-XR11 version V2.7.2, which stems from an uncleaned phyinterface parameter in the multipppoe API, which could lead to a command injection attack...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter timestr in the file /usr/bin/webmgnt...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter pingconfig in the file /usr/bin/webmgnt...

CVE-2022-47699

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...

CVE-2022-47701

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...

CVE-2022-47700

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...

CVE-2022-45725

Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...

CVE-2022-47697

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...

CVE-2022-45724

Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...

CVE-2022-45725

Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...

Input validation

Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...

Improper access control

Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...

CVE-2022-45724

CVE-2022-45724 concerns the Comfast CF-WR6110N router (v2.3.1) with an Incorrect Access Control flaw. On a network-adjacent host, an attacker can send HTTP requests to an unauthenticated page to force the device to generate a SESSION_ID, which can then be used to perform authenticated requests. T...

CVE-2022-45725

CVE-2022-45725 affects Comfast CF-WR6110N router (firmware version 2.3.1). The issue is improper input validation that could allow a remote, adjacent-network attacker to execute arbitrary code via HTTP POST requests. Exploitation details (payloads, specific endpoints, affected firmware variants b...