Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/28 3:18 p.m.8 views

CVE-2025-12387

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

6.9CVSS6AI score0.00659EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/28 3:18 p.m.8 views

CVE-2025-12386

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 12:15 p.m.8 views

CVE-2025-12386

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS0.00653EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 11:57 a.m.7 views

CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

6.9CVSS6AI score0.00659EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 11:57 a.m.4 views

CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
CVE
CVE
added 2026/01/27 11:57 a.m.22 views

CVE-2025-12386

Pix-Link LV-WR21Q is vulnerable to an unauthenticated access issue at endpoint /goform/getHomePageInfo. The vulnerability allows remote attackers with network access to retrieve sensitive data (cleartext passwords) due to lack of authentication. Only version V108_108 has been tested and confirmed...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/27 11:57 a.m.37 views

CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS0.00653EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/27 11:57 a.m.4 views

EUVD-2025-206410

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.11 views

PT-2026-4912

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.10 views

Pix-Link LV-WR21Q code issue and vulnerability

The Pix-Link LV-WR21Q is a wireless router produced by the Chinese company Pix-Link. The Pix-Link LV-WR21Q has a code vulnerability, which stems from improper handling of the language module. This vulnerability could allow remote attackers to trigger a denial-of-service attack through a specially...

6.9CVSS5.9AI score0.00659EPSS
Exploits0References4
Rows per page
Query Builder