CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

VulnCheck KEV•added 2025/06/26 12:0 a.m.•0 views

VulnCheck KEV: CVE-2025-34049

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the targetaddr parameter of the formTracert and formPing administrative...

9.4CVSS6.3AI score0.00589EPSS

In wildExploits0References58

OSV•added 2024/07/26 12:15 p.m.•2 views

CVE-2024-41687

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow...

7.5CVSS5.9AI score

NVD•added 2024/07/26 12:15 p.m.•12 views

CVE-2024-41690

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to...

7CVSS0.00058EPSS

Cvelist•added 2024/07/26 12:6 p.m.•15 views

CVE-2024-41691 Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...

7CVSS0.00058EPSS

CVE•added 2024/07/26 11:59 a.m.•64 views

CVE-2024-41689

CVE-2024-41689 affects the SyroTech SY-GPON-1110-WDONT router. The root cause is the unencrypted storage of WPA/WPS credentials in the device firmware/database, enabling credential disclosure if the firmware is accessed. An attacker with physical access can extract the firmware, reverse‑engineer ...

5.2CVSS6.8AI score0.00012EPSS

Exploits0References2Affected Software1

CNNVD•added 2024/07/26 12:0 a.m.•2 views

SyroTech SY-GPON-1110-WDONT 安全漏洞

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an information disclosure vulnerability that stems from unencrypted storage of WPA/WPS credentials in the router firmware/database. An attacker can exploit this vulnerability to obtain...

5.2CVSS6.2AI score0.00012EPSS

OSV•added 2023/01/03 3:15 a.m.•1 views

CVE-2022-40740

Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service...

7.2CVSS6.1AI score0.01287EPSS

Prion•added 2023/01/03 3:15 a.m.•12 views

Command injection

5.8CVSS7.5AI score0.01287EPSS

Exploits0References1Affected Software2

Vulnrichment•added 2023/01/03 12:0 a.m.•5 views

CVE-2022-40740 Realtek GPON router - Command Injection

7.2CVSS7.5AI score0.01287EPSS

CNNVD•added 2023/01/03 12:0 a.m.•3 views

Realtek GPON router 安全漏洞

The Realtek GPON router is a series of routers from China-based Realtek Semiconductor Realtek. A security vulnerability exists in the Realtek GPON router, which stems from an insufficient filtering of special characters that could allow a remote attacker with administrator privileges to perform a...

7.2CVSS7.5AI score0.01287EPSS

Cvelist•added 2023/01/03 12:0 a.m.•15 views

CVE-2022-40740 Realtek GPON router - Command Injection

7.2CVSS7.6AI score0.01287EPSS

The Hacker News•added 2022/03/28 6:59 a.m.•314 views

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

10CVSS1.9AI score0.94489EPSS

Exploits513

CNVD•added 2020/03/19 12:0 a.m.•1 views

Netlink GPON Router Authentication RCE Vulnerability

Netlink GPON Router is a router device. An authentication RCE vulnerability exists in the Netlink GPON Router, which can be exploited by an attacker to take over a remote destination device...

7.2AI score

0day.today•added 2020/03/19 12:0 a.m.•173 views

Netlink GPON Router 1.0.11 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls...

7.4AI score

Packet Storm•added 2020/03/18 12:0 a.m.•597 views

Netlink GPON Router 1.0.11 Remote Code Execution

Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...

0.1AI score

exploitpack•added 2020/03/18 12:0 a.m.•84 views

Netlink GPON Router 1.0.11 - Remote Code Execution

Netlink GPON Router 1.0.11 - Remote Code Execution Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls...

0.1AI score

Exploit DB•added 2020/03/18 12:0 a.m.•611 views

Netlink GPON Router 1.0.11 - Remote Code Execution

7.4AI score