144 matches found
LevelOne WBR-6012 安全漏洞
The LevelOne WBR-6012 is a wireless router from LevelOne. A security vulnerability exists in the LevelOne WBR-6012 that stems from the ability to change the administrator password and gain higher privileges without the current password under certain circumstances...
PT-2024-19800 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 version R0.40e6 Description: The issue is related to an authentication bypass in the web application of the router, which relies on client IP addresses for authentication. This allows attackers to spoof an IP address and gai...
LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability October 30, 2024 CVE Number CVE-2024-32946 SUMMARY A vulnerability in the LevelOne WBR-6012 router’s firmware version R0.40e6 allows sensitive information to be transmitted in cleartext v...
LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability
Talos Vulnerability Report TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery CSRF vulnerability October 30, 2024 CVE Number CVE-2024-24777 SUMMARY A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e...
LevelOne WBR-6012 Web Application weak authentication vulnerability
Talos Vulnerability Report TALOS-2024-1984 LevelOne WBR-6012 Web Application weak authentication vulnerability October 30, 2024 CVE Number CVE-2024-33699 SUMMARY The LevelOne WBR-6012 router’s web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the...
15 vulnerabilities discovered in software development kit for wireless routers
Cisco Talos Vulnerability Research team recently discovered 15 vulnerabilities in the Realtek rtl819x Jungle software development kit used in some small and home office wireless routers. This SDK uses the discontinued, open-source Boa as its web server. Talos researchers discovered these...
CVE-2023-49593
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network request can lead to arbitrary command execution...
CVE-2023-46685
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted network packets can lead to arbitrary command execution...
CVE-2023-46685
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted network packets can lead to arbitrary command execution...
CVE-2023-49593
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network request can lead to arbitrary command execution...
CVE-2023-46685
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted network packets can lead to arbitrary command execution...
CVE-2023-46685
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted network packets can lead to arbitrary command execution...
CVE-2023-49593
CVE-2023-49593 affects LevelOne WBR-6013 wireless router (Boa web server, Realtek SDK) where leftover debug code in the /boafrm/formSysCmd API allows an attacker to execute arbitrary commands via a crafted network request. Talos confirms the vulnerability, including an exploitable path and a PoC,...
CVE-2023-49593
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network request can lead to arbitrary command execution...
CVE-2023-46685
CVE-2023-46685 affects LevelOne WBR-6013 (telnetd) with a hard-coded password vulnerability. Talos documents a vulnerability in the telnetd service enabling arbitrary command execution via specially crafted network packets, potentially achieving root access. A PoC exists and shows remote code exe...
Realtek rtl819x Jungle SDK boa CSRF protection cross-site request forgery (CSRF) vulnerability
Talos Vulnerability Report TALOS-2023-1872 Realtek rtl819x Jungle SDK boa CSRF protection cross-site request forgery CSRF vulnerability July 8, 2024 CVE Number CVE-2023-47677 SUMMARY A cross-site request forgery csrf vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x...
Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1876 Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-48270 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11....
Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1895 Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities July 8, 2024 CVE Number CVE-2023-50243,CVE-2023-50244 SUMMARY Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x...
Realtek rtl819x Jungle SDK boa set_RadvdPrefixParam stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1892 Realtek rtl819x Jungle SDK boa setRadvdPrefixParam stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-47856 SUMMARY A stack-based buffer overflow vulnerability exists in the boa setRadvdPrefixParam functionality of Realtek rtl819x...
Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1877 Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability July 8, 2024 CVE Number CVE-2023-45742 SUMMARY An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK...