Lucene search
+L

170 matches found

redhatcve
redhatcve
added 2025/05/23 4:40 a.m.8 views

CVE-2023-41011

Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcuttelnet.cg component...

9.8CVSS8.1AI score0.02043EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/23 1:13 a.m.5 views

CVE-2022-23135

There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modify the system path contents without authorization, which...

6.5CVSS6.6AI score0.01396EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/03/28 12:0 a.m.4 views

KDDI HGW BL1500HM 跨站脚本漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A cross-site scripting vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which originates from cross-site scripting in the USB storage file sharing feature and could lead to the execution of arbitrary scripts...

3.6CVSS4.8AI score0.00189EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/03/28 12:0 a.m.4 views

KDDI HGW BL1500HM 路径遍历漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A path traversal vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which stems from path traversal in the USB storage file sharing feature and could lead to the acquisition or modification of files...

6.5CVSS6.8AI score0.00639EPSS
Exploits0References3
jvn
jvn
added 2025/03/19 6:33 a.m.3 views

Multiple vulnerabilities in home gateway HGW-BL1500HM

Overview Home gateway HGW-BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Stored cross-site scripting in the NickName registration screen CWE-79 - CVE-2025-27567 Stored cross-site scripting in the USB storage file-sharing function CWE-79 - CVE-2025-27574 Path...

8.8CVSS6.6AI score0.00878EPSS
Exploits0References10
jvn
jvn
added 2025/03/19 12:0 a.m.53 views

JVN#04278547: Multiple vulnerabilities in home gateway HGW-BL1500HM

Home gateway HGW-BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Stored cross-site scripting in the NickName registration screen CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2025-27567 Stored cross-site scripting in the USB storage...

8.8CVSS7.3AI score0.00878EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/09/26 8:34 a.m.10 views

CVE-2024-47044

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device...

7.1AI score0.00428EPSS
Exploits0References7
nvd
nvd
added 2024/09/26 4:15 a.m.27 views

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

7.8CVSS0.00148EPSS
Exploits0References2
cve
cve
added 2024/09/26 3:33 a.m.63 views

CVE-2024-47045

The CVE-2024-47045 issue affects the installer for the e-Tax software (common program). The vulnerability allows a malicious DLL uploaded or introduced by an attacker to run with higher privileges than the application, due to privilege escalation in the install process (root cause described as a ...

7.8CVSS6.5AI score0.00148EPSS
Exploits0References2
cvelist
cvelist
added 2024/09/26 3:33 a.m.35 views

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

0.00148EPSS
Exploits0References2
jvn
jvn
added 2024/09/24 7:0 a.m.3 views

Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions

Overview Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION fail to restrict access permissions CWE-451. Keishi Awata of logicalmixed reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.3CVSS6.6AI score0.00428EPSS
Exploits0References5
nvd
nvd
added 2024/08/21 12:15 a.m.12 views

CVE-2024-8022

A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...

5.3CVSS0.00338EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/08/20 11:31 p.m.12 views

CVE-2024-8022 Genexis Tilgin Home Gateway cross site scripting

A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...

5.3CVSS6AI score0.00338EPSS
Exploits0References3
cvelist
cvelist
added 2024/08/20 11:31 p.m.19 views

CVE-2024-8022 Genexis Tilgin Home Gateway cross site scripting

A vulnerability was found in Genexis Tilgin Home Gateway 322AS0500-03051305. It has been rated as problematic. This issue affects some unknown processing of the file /vood/cgi-bin/voodview.cgi?lang=EN&act=user/specconf&sessionId=86213915328111654515&user=A&message2user=Account%20updated. The...

5.3CVSS0.00338EPSS
Exploits0References3
cve
cve
added 2024/08/20 11:31 p.m.44 views

CVE-2024-8022

CVE-2024-8022 affects Genexis Tilgin Home Gateway 322_AS0500-03_05_13_05. The issue is a cross-site scripting vulnerability in the handling of the Phone Number argument of the vood_view.cgi endpoint, enabling remote exploitation. Multiple sources corroborate a public exploit/disclosure. The pract...

5.3CVSS3.7AI score0.00338EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/08/12 12:0 a.m.6 views

Enphase Envoy 安全漏洞

Enphase Envoy is a gateway device for connecting smart home devices from Enphase USA. A security vulnerability exists in Enphase Envoy version 4.x up to and including version 8.2.4225, which stems from the inclusion of a path traversal vulnerability...

9.2CVSS6.7AI score0.00779EPSS
Exploits0References4
nvd
nvd
added 2024/06/26 9:15 p.m.13 views

CVE-2024-6355

A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...

6.9CVSS0.00428EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/06/26 9:0 p.m.13 views

CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting

A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...

6.9CVSS4.4AI score0.00428EPSS
Exploits0References3
cvelist
cvelist
added 2024/06/26 9:0 p.m.20 views

CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting

A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...

6.9CVSS0.00428EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/06/26 12:0 a.m.4 views

Genexis Tilgin Home Gateway Cross-Site Scripting Vulnerability

Genexis Tilgin Home Gateway is a series of home gateways from Genexis, a South Korean company. A cross-site scripting vulnerability exists in the Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112 version, which stems from the fact that manipulation of the parameter productinfo can lead to...

6.9CVSS5.8AI score0.00428EPSS
Exploits0References4
Rows per page
Query Builder