11 matches found
CVE-2020-37093
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37092
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device...
CVE-2020-37093 Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37093
Netis E1+ 1.2.32533 is affected by an information-disclosure vulnerability exposed via the netcore_get.cgi endpoint. An unauthenticated attacker can issue a GET request to netcore_get.cgi and retrieve sensitive wireless credentials, including SSID and WiFi passwords, in plain text. The issue is s...
CVE-2020-37093 Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37093
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37092 Netis E1+ 1.2.32533 - Backdoor Account (root)
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device...
CVE-2020-37092 Netis E1+ 1.2.32533 - Backdoor Account (root)
Netis E1+ version 1.2.32533 contains a hardcoded root account vulnerability that allows unauthenticated attackers to access the device with predefined credentials. Attackers can leverage the embedded root account with a crackable password to gain full administrative access to the network device...
Netis E1+ 信任管理问题漏洞
Netis E1+ is a wireless signal amplifier developed by the Chinese company Netis. Version 1.2.32533 of Netis E1+ contains a vulnerability related to trust management. This vulnerability stems from the presence of a hardcoded root account, allowing attackers to access devices using predefined...
PT-2026-5843
Name of the Vulnerable Software and Affected Versions Netis E1+ version 1.2.32533 Description An information disclosure issue exists that allows unauthenticated attackers to retrieve WiFi passwords. Attackers can send a GET request to the ''netcore get.cgi'' endpoint to extract sensitive network...
Netis E1+ 安全漏洞
Netis E1+ is a wireless signal amplifier developed by the Chinese company Netis. Version 1.2.32533 of Netis E1+ contains a security vulnerability. This vulnerability stems from an information leakage flaw, allowing attackers to send GET requests to the netcoreget.cgi endpoint, potentially leading...