Peplink Smart Reader 操作系统命令注入漏洞

Peplink Smart Reader is a smart reader from Peplink Inc. It is used for employee time and attendance. An operating system command injection vulnerability exists in Peplink Smart Reader v1.2.0, which stems from the presence of an operating system command injection vulnerability that could lead to...

Peplink Smart Reader 访问控制错误漏洞

Peplink Smart Reader is a smart reader from Peplink Inc. It is used for employee time and attendance. An access control error vulnerability exists in Peplink Smart Reader version v1.2.0, which stems from the presence of a data integrity vulnerability that could lead to configuration modifications...

PT-2024-12857 · Peplink · Peplink Smart Reader

Name of the Vulnerable Software and Affected Versions: Peplink Smart Reader version 1.2.0 Description: A privilege escalation issue exists in the /bin/login functionality. A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can...

Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1866 Peplink Smart Reader web interface /cgi-bin/uploadconfig.cgi data integrity vulnerability April 17, 2024 CVE Number CVE-2023-45744 SUMMARY A data integrity vulnerability exists in the web interface /cgi-bin/uploadconfig.cgi functionality of Peplink Smart...

Peplink Smart Reader 信任管理问题漏洞

Peplink Smart Reader is a smart card reader from Peplink Inc. It is used for employee time and attendance. A command injection vulnerability exists in Peplink Smart Reader v1.2.0, which stems from the presence of an elevation-of-privilege vulnerability, where an attacker can cause limited shell...

Peplink Smart Reader /bin/login privilege escalation vulnerability

Talos Vulnerability Report TALOS-2023-1868 Peplink Smart Reader /bin/login privilege escalation vulnerability April 17, 2024 CVE Number CVE-2023-40146 SUMMARY A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 in QEMU. A specially crafted...

Peplink Smart Reader web interface mac2name OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1867 Peplink Smart Reader web interface mac2name OS command injection vulnerability April 17, 2024 CVE Number CVE-2023-39367 SUMMARY An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 in QEM...

Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1865 Peplink Smart Reader web interface /cgi-bin/downloadconfig.cgi information disclosure vulnerability April 17, 2024 CVE Number CVE-2023-45209 SUMMARY An information disclosure vulnerability exists in the web interface /cgi-bin/downloadconfig.cgi...

Peplink Smart Reader web interface /cgi-bin/debug_dump.cgi information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1863 Peplink Smart Reader web interface /cgi-bin/debugdump.cgi information disclosure vulnerability April 17, 2024 CVE Number CVE-2023-43491 SUMMARY An information disclosure vulnerability exists in the web interface /cgi-bin/debugdump.cgi functionality of...

PT-2024-13084 · Peplink · Peplink Smart Reader

Name of the Vulnerable Software and Affected Versions: Peplink Smart Reader version 1.2.0 Description: An information disclosure vulnerability exists in the web interface /cgi-bin/debug dump.cgi functionality. A specially crafted HTTP request can lead to a disclosure of sensitive information. An...

PT-2023-9054 · Peplink · Peplink Smart Reader

Name of the Vulnerable Software and Affected Versions: Peplink Smart Reader version 1.2.0 Description: A command injection vulnerability exists in the web interface's mac2name functionality. This issue arises due to the lack of measures to neutralize special elements used in operating system...

PT-2023-9103 · Peplink · Peplink Smart Reader

Name of the Vulnerable Software and Affected Versions: Peplink Smart Reader version 1.2.0 Description: A data integrity vulnerability exists in the web interface /cgi-bin/upload config.cgi functionality. A specially crafted HTTP request can lead to configuration modification. An attacker can make...

2N Access Unit 信任管理问题漏洞

2N Access Unit is a smart access control reader from the Czech company 2N. A security vulnerability exists in 2N Access Unit, which originates in the 2N Access Unit 2.0,2.31.0.40.5 device, and can be exploited by an attacker to conduct a man-in-the-middle attack disguised as a web relay...