23 matches found
EUVD-2024-34425
Malicious code in bioql PyPI...
EUVD-2024-29060
Malicious code in bioql PyPI...
EUVD-2024-34484
Malicious code in bioql PyPI...
CVE-2024-31152
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions...
CVE-2024-23309
The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...
CVE-2024-33700
The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...
CVE-2024-33699
The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password...
CVE-2024-33699
The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password...
CVE-2024-32946
A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks...
CVE-2024-31152
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions...
CVE-2024-23309
The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...
CVE-2024-24777
A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious web page to trigger this vulnerability...
CVE-2024-23309
The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...
CVE-2024-31152
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions...
CVE-2024-31152
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. This could lead to network service interruptions...
CVE-2024-31152
The CVE-2024-31152 issue affects LevelOne WBR-6012 routers (firmware R0.40e6). The root cause is improper resource allocation in the router’s web application, causing a flood of crafted HTTP requests to crash/reboot the device. Specifically, a flood of valid HTTP POSTs to /cgi-bin/logi can trigge...
CVE-2024-32946
A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks...
CVE-2024-33699
The CVE-2024-33699 entry concerns LevelOne WBR-6012 router firmware version R0.40e6 with a web application weakness enabling password changes without the current password. Talos reports a weak authentication vulnerability (CWE-620) where the admin password can be changed via HTTP requests, potent...
CVE-2024-23309
CVE-2024-23309 affects LevelOne WBR-6012 router with firmware R0.40e6, where the web application authenticates based on the client IP rather than a session token. Talos documents a vulnerability in the web UI that allows an attacker to spoof the client IP and gain unauthorized access, bypassing a...
CVE-2024-33623
A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability...