53 matches found
The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows a attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters lies in the improper handling of exceptional states. Exploiting this vulnerability can allow a remote attacker to trigger a Denial-of-Service Attack DoS...
The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters exists due to the presence of rigidly encrypted credentials in the application code. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...
The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters, related to security mechanism errors, allows attackers to bypass authentication procedures.
The vulnerability of Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters is related to security mechanism errors. Exploiting this vulnerability can allow a malicious actor to bypass authentication procedures...
BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
Overview Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to...
JVN#12824024: BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Impact If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS...
CVE-2024-41936
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication...
CVE-2024-37023
Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters...
CVE-2024-37023
CVE-2024-37023 affects Vonets Industrial WiFi Bridge Relays/Repeaters (e.g., VAR1200-H/L, VAR600-H, VAP11AC/11G/11S variants, VBG1200, VGA-1000, etc.) with software version 3.3.23.6.9 and prior. It is a command-injection vulnerability that enables an authenticated remote attacker to execute arbit...
CVE-2024-41161
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...
Canada revisits decision to ban Flipper Zero
In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesnt...
CVE-2024-23910
Cross-site request forgery CSRF vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B a...
PT-2024-20167 · Elecom · Elecom Wireless Lan Repeater +4
Name of the Vulnerable Software and Affected Versions: ELECOM wireless LAN routers and wireless LAN repeater affected versions not specified Description: A cross-site request forgery CSRF issue allows a remote unauthenticated attacker to hijack the authentication of administrators and perform...
Remote code execution
Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW3.01B11P204, RG-NBS and RG-S1930 series switches SWITCH3.01B11P218, RG-EG series business VPN routers EG3.01B11P216, EAP and RAP series wireless access points AP3.01B11P218, NBC series wirele...
PT-2023-24965 · Ruijie Networks · Rg-Nbs +6
Name of the Vulnerable Software and Affected Versions: Ruijie Networks RG-EW series home routers and repeaters version EW 3.01B11P204 Ruijie Networks RG-NBS and RG-S1930 series switches version SWITCH 3.01B11P218 Ruijie Networks RG-EG series business VPN routers version EG 3.01B11P216 Ruijie...
CVE-2023-34644
Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW3.01B11P204, RG-NBS and RG-S1930 series switches SWITCH3.01B11P218, RG-EG series business VPN routers EG3.01B11P216, EAP and RAP series wireless access points AP3.01B11P218, NBC series wirele...
CVE-2023-37561
Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12...
CVE-2023-37561
Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12...
CVE-2023-37561
CVE-2023-37561 Open Redirect affecting ELECOM wireless LAN devices: WRH-300WH-H (v2.12 and earlier), WTC-300HWH (v1.09 and earlier), WTC-C1167GC-B (v1.17 and earlier), and WTC-C1167GC-W (v1.17 and earlier). A remote, unauthenticated attacker can cause users to be redirected to arbitrary websites ...
CVE-2023-37561
Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12...
JVN#05223215: Multiple vulnerabilities in multiple ELECOM wireless LAN routers and wireless LAN repeaters
Wireless LAN routers and wireless LAN repeaters provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2023-37560 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...