Lucene search
K

41 matches found

CNNVD
CNNVD
added 2023/10/16 12:0 a.m.4 views

Cisco IOS XE Software 安全漏洞

Cisco IOS XE is an operating system developed by Cisco for its network devices.Web UI is a feature of IOS XE software designed to simplify the deployment, management process, and enhance the user experience. The Cisco IOS XE Software web UI elevation of privilege vulnerability can be exploited by...

10CVSS7.3AI score0.99571EPSS
Exploits27References8
The Hacker News
The Hacker News
added 2023/06/02 10:8 a.m.4 views

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/11/10 12:0 a.m.3 views

Binary Vulnerability in ISP Version of Soft Route for Shenzhen Baiwei Tongda Technology Co.

Shenzhen Baiwei Tongda Technology Co., Ltd. is committed to providing leading network solutions for Internet cafes, neighborhoods, hotels, businesses, and public Internet access places. A binary vulnerability exists in the ISP version of the soft router of Shenzhen BWT Technology Co. An attacker...

6.9AI score
Exploits0
NVD
NVD
added 2020/03/20 1:15 a.m.21 views

CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /startapply.htm POST data, there is a command injection issue via shell metacharacters in the fbemail parameter. By using this issue, an attacker can control the router and get shell...

10CVSS9.8AI score0.0383EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/03/20 12:11 a.m.21 views

CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /startapply.htm POST data, there is a command injection issue via shell metacharacters in the fbemail parameter. By using this issue, an attacker can control the router and get shell...

9.8AI score0.0383EPSS
Exploits1References1
NVD
NVD
added 2020/01/05 11:15 p.m.20 views

CVE-2019-20004

An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router...

8.8CVSS8.8AI score0.01169EPSS
Exploits0References2
OSV
OSV
added 2019/12/26 6:15 p.m.4 views

CVE-2019-19995

A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user...

8.8CVSS7.3AI score0.00662EPSS
Exploits0References1
NVD
NVD
added 2019/12/26 6:15 p.m.24 views

CVE-2019-19995

A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user...

9.3CVSS8.8AI score0.00662EPSS
Exploits0References1
Prion
Prion
added 2019/12/26 6:15 p.m.16 views

Cross site request forgery (csrf)

A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user...

9.3CVSS8.7AI score0.00662EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/10/11 8:15 p.m.4 views

CVE-2019-17506

There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password and other information via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZEDGROUP=1%0a to getcfg.php...

9.8CVSS7.2AI score0.57298EPSS
Exploits1References1
OSV
OSV
added 2019/08/15 3:15 p.m.5 views

CVE-2019-3417

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system...

8.8CVSS7.2AI score0.01859EPSS
Exploits0References1
OSV
OSV
added 2019/04/22 11:29 a.m.7 views

CVE-2019-11416

A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user...

8.8CVSS5.8AI score0.0389EPSS
Exploits5References3
CVE
CVE
added 2019/04/21 7:38 p.m.44 views

CVE-2019-11414

CVE-2019-11414 affects Intelbras IWR 3000N devices running 1.5.0. The issue: when the administrator password is changed from a specific client IP address, administrative authorization remains available to any client at that IP, allowing complete control of the router. Root cause and detailed mech...

8.8CVSS8.7AI score0.01324EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/21 7:38 p.m.20 views

CVE-2019-11414

An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router...

8.8AI score0.01324EPSS
Exploits1References1
CVE
CVE
added 2018/12/18 10:0 p.m.45 views

CVE-2018-17777

The CVE-2018-17777 entry describes a credential-bypass on D-Link DVA-5592 A1_WI_20180823 devices. If the Parental Control PIN on the page /ui/cbpc/login is the default 0000, an attacker can bypass the login form by editing the path of the cookie sid, gaining administrator access to the router con...

9.8CVSS9.3AI score0.01866EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2018/04/25 12:0 a.m.598 views

Mikrotik RouterOS 'Winbox Service' Information Disclosure Vulnerability (Apr 2018) - Version Check

Mikrotik RouterOS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.1CVSS9.4AI score0.96087EPSS
Exploits23References3
NVD
NVD
added 2017/06/11 11:29 p.m.17 views

CVE-2017-9542

D-Link DIR-615 Wireless N 300 Router allows authentication bypass via a modified POST request to login.cgi. This issue occurs because it fails to validate the password field. Successful exploitation of this issue allows an attacker to take control of the affected device...

10CVSS9.7AI score0.05073EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2017/06/11 12:0 a.m.7 views

PT-2017-2634 · D Link · D-Link Dir-615 Wireless N 300 Router

Name of the Vulnerable Software and Affected Versions: D-Link DIR-615 Wireless N 300 Router Description: The issue is related to weaknesses in the authentication procedure of the router's firmware. It can be exploited by a remote attacker using a modified POST request to the "login.cgi" endpoint,...

10CVSS9.7AI score0.05073EPSS
Exploits0References5
0day.today
0day.today
added 2017/03/15 12:0 a.m.25 views

ASUS PCE-AC56 WLAN Card Utilities (PCAUSA Rawether Windows 10 x64) - Local Privilege Escalation Expl

Exploit for windows platform in category local exploits Rawether for Windows is a framework that facilitates communication between an application and the NDIS miniport driver. It’s produced by a company named Printing Communications Assoc., Inc. PCAUSA, which seems to be no longer operating...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/15 12:0 a.m.53 views

ASUS PCE-AC56 WLAN Card Utilities (PCAUSA Rawether Windows 10 x64) - Local Privilege Escalation

ASUS PCE-AC56 WLAN Card Utilities PCAUSA Rawether Windows 10 x64 - Local Privilege Escalation. Local exploit for Winx86-64 platform Rawether for Windows is a framework that facilitates communication between an application and the NDIS miniport driver. It’s produced by a company named Printing...

0.8AI score
Exploits0
Rows per page
Query Builder