55 matches found
CVE-2025-12387
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
CVE-2025-12387
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
CVE-2025-12386
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
EUVD-2025-206411
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
CVE-2025-12387
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
CVE-2025-12387
CVE-2025-12387 affects the Pix-Link LV-WR21Q router. The vulnerability resides in the router’s language module and can be triggered by sending a specially crafted HTTP POST with a non-existing language parameter, causing the admin panel to fail to serve lang.js and leading to a DoS of the adminis...
CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
EUVD-2025-206410
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
CVE-2025-12386
Pix-Link LV-WR21Q is vulnerable to an unauthenticated access issue at endpoint /goform/getHomePageInfo. The vulnerability allows remote attackers with network access to retrieve sensitive data (cleartext passwords) due to lack of authentication. Only version V108_108 has been tested and confirmed...
CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
CVE-2025-12386
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
PT-2026-4912
Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...
Pix-Link LV-WR21Q code issue and vulnerability
The Pix-Link LV-WR21Q is a wireless router produced by the Chinese company Pix-Link. The Pix-Link LV-WR21Q has a code vulnerability, which stems from improper handling of the language module. This vulnerability could allow remote attackers to trigger a denial-of-service attack through a specially...
PT-2026-4913
A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...
EUVD-2019-3536
Malware in sbrugna...
EUVD-2020-16840
Malware in sbrugna...
EUVD-2021-30636
Malicious code in bioql PyPI...
EUVD-2021-30635
Malicious code in bioql PyPI...