Lucene search
K

336 matches found

Cvelist
Cvelist
added 2022/03/09 6:27 p.m.29 views

CVE-2022-25552

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formfastsettingwifiset. This vulnerability allows attackers to cause a Denial of Service DoS via the ssid parameter...

7.8AI score0.01219EPSS
Exploits1References1
Talos
Talos
added 2021/11/15 12:0 a.m.57 views

Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS9.6AI score0.37064EPSS
Exploits1
CNNVD
CNNVD
added 2021/06/09 12:0 a.m.5 views

RaspAP 操作系统命令注入漏洞

RaspAP is a simple wireless AP setup and management for Debian-based devices. An operating system command injection vulnerability exists in RaspAP, which stems from the failure to properly filter "interface", "ssid" in /hostapd in RaspAP versions 2.6 through 2.6.5, ";", "$" and other special...

9CVSS8.4AI score0.02739EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.4 views

TP-Link WR2041 缓冲区错误漏洞

TP-Link WR2041 is a wireless WIFI from TP-Link. A buffer error vulnerability exists in the TP-Link WR2041 v1 firmware, which can be exploited to cause a denial of service by sending an HTTP request with a long "ssid" parameter to the "userRpm The vulnerability can be exploited to cause a Denial o...

7.8CVSS7.5AI score0.01703EPSS
Exploits1References2
NVD
NVD
added 2020/10/28 7:15 p.m.16 views

CVE-2020-27980

Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users...

5.4CVSS5.2AI score0.00629EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2020/10/26 12:0 a.m.337 views

Genexis Platinum-4410 Cross Site Scripting

Exploit Title: Persistent XSS in SSID Date: 10/24/2020 Exploit Author: Amal Mohandas Vendor Homepage: https://genexis.co.in/product/ont/ Version: Platinum-4410 Software version - P4410-V2-1.28 Tested on: Windows 10 Vulnerability Details ====================== Genexis Platinum-4410 Home Gateway...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/26 12:0 a.m.425 views

Genexis Platinum-4410 - 'SSID' Persistent XSS

Exploit Title: Persistent XSS in SSID Date: 10/24/2020 Exploit Author: Amal Mohandas Vendor Homepage: https://genexis.co.in/product/ont/ Version: Platinum-4410 Software version - P4410-V2-1.28 Tested on: Windows 10 Vulnerability Details ====================== Genexis Platinum-4410 Home Gateway...

7.4AI score
Exploits0
NVD
NVD
added 2019/12/11 11:15 p.m.13 views

CVE-2019-3985

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter...

8.8CVSS9.1AI score0.01664EPSS
Exploits1References1
Prion
Prion
added 2019/12/11 11:15 p.m.18 views

Command injection

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter...

8.3CVSS9AI score0.01664EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/10/29 12:29 p.m.4 views

CVE-2018-18707

An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value...

7.5CVSS6.2AI score0.01141EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2017/03/20 12:0 a.m.48 views

Google Nest Cam 5.2.1
 - Buffer Overflow Conditions Over Bluetooth LE

Exploit Title: Google Nest Cam - Multiple Buffer Overflow Conditions Over Bluetooth LE Reported to Google: October 26, 2016 Public Disclosure: March 17, 2017 Exploit Author: Jason Doyle @jasondoyle Vendor Homepage: https://nest.com/ Affected: Dropcam, Dropcam Pro, Nest Cam Indoor/Outdoor models ...

7.4AI score
Exploits0
NVD
NVD
added 2015/09/21 10:59 a.m.22 views

CVE-2015-5992

Cross-site scripting XSS vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone PLDT SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to inject arbitrary web script or HTML via the ssid parameter...

4.3CVSS5.9AI score0.0117EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/09/21 10:0 a.m.24 views

CVE-2015-5992

Cross-site scripting XSS vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone PLDT SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to inject arbitrary web script or HTML via the ssid parameter...

5.9AI score0.0117EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/20 12:0 a.m.24 views

Phillipine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 Cross-Site Scripting Vulnerabilities

The Phillipine Long Distance Telephone PLDT SpeedSurf 504AN and the Kasda KW58293 are modem and router all-in-one units. The PLDT SpeedSurf 504AN and Kasda KW58293 form2WlanSetup.cgi page fails to adequately filter the 'ssid' parameter, allowing a remote attacker to exploit the vulnerability by...

4.3CVSS6.8AI score0.0117EPSS
Exploits0References1
Prion
Prion
added 2008/02/15 10:0 p.m.20 views

Sql injection

SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter...

7.5CVSS9.1AI score0.00923EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2007/04/10 11:19 p.m.20 views

Sql injection

SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter...

7.5CVSS9AI score0.01029EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder