170 matches found
CVE-2023-41011
Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcuttelnet.cg component...
CVE-2022-23135
There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modify the system path contents without authorization, which...
KDDI HGW BL1500HM 跨站脚本漏洞
The KDDI HGW BL1500HM is a home router from KDDI Japan. A cross-site scripting vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which originates from cross-site scripting in the USB storage file sharing feature and could lead to the execution of arbitrary scripts...
KDDI HGW BL1500HM 路径遍历漏洞
The KDDI HGW BL1500HM is a home router from KDDI Japan. A path traversal vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which stems from path traversal in the USB storage file sharing feature and could lead to the acquisition or modification of files...
Multiple vulnerabilities in home gateway HGW-BL1500HM
Overview Home gateway HGW-BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Stored cross-site scripting in the NickName registration screen CWE-79 - CVE-2025-27567 Stored cross-site scripting in the USB storage file-sharing function CWE-79 - CVE-2025-27574 Path...
JVN#04278547: Multiple vulnerabilities in home gateway HGW-BL1500HM
Home gateway HGW-BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Stored cross-site scripting in the NickName registration screen CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2025-27567 Stored cross-site scripting in the USB storage...
CVE-2024-47044
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device...
CVE-2024-47045
Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...
CVE-2024-47045
The CVE-2024-47045 issue affects the installer for the e-Tax software (common program). The vulnerability allows a malicious DLL uploaded or introduced by an attacker to run with higher privileges than the application, due to privilege escalation in the install process (root cause described as a ...
CVE-2024-47045
Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...
Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions
Overview Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION fail to restrict access permissions CWE-451. Keishi Awata of logicalmixed reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
CVE-2024-8022
A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...
CVE-2024-8022 Genexis Tilgin Home Gateway cross site scripting
A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...
CVE-2024-8022 Genexis Tilgin Home Gateway cross site scripting
A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...
CVE-2024-8022
CVE-2024-8022 affects Genexis Tilgin Home Gateway 322_AS0500-03_05_13_05. The issue is a cross-site scripting vulnerability in the handling of the Phone Number argument of the vood_view.cgi endpoint, enabling remote exploitation. Multiple sources corroborate a public exploit/disclosure. The pract...
Enphase Envoy 安全漏洞
Enphase Envoy is a gateway device for connecting smart home devices from Enphase USA. A security vulnerability exists in Enphase Envoy version 4.x up to and including version 8.2.4225, which stems from the inclusion of a path traversal vulnerability...
CVE-2024-6355
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...
CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...
CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...
Genexis Tilgin Home Gateway Cross-Site Scripting Vulnerability
Genexis Tilgin Home Gateway is a series of home gateways from Genexis, a South Korean company. A cross-site scripting vulnerability exists in the Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112 version, which stems from the fact that manipulation of the parameter productinfo can lead to...