Lucene search
K

39 matches found

CNNVD
CNNVD
added 2024/11/15 12:0 a.m.4 views

Skyworth Router CM5100 安全漏洞

Skyworth Router CM5100 is a single-band router with N300 speed from Skyworth China. A security vulnerability exists in the Skyworth Router CM5100 version 4.1.1.24, which originates from storing sensitive information about USB and Wifi connected devices in plaintext...

2.4CVSS6.5AI score0.00258EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.8 views

PT-2024-31980 · Hathway · Hathway Skyworth Router Cm5100-511

Name of the Vulnerable Software and Affected Versions: Hathway Skyworth Router CM5100-511 version 4.1.1.24 Description: The issue concerns the storage of sensitive information about connected devices in plaintext. This affects devices connected via USB and Wifi. Recommendations: For version...

2.4CVSS6.8AI score0.00258EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/10 12:0 a.m.5 views

Skyworth Router CM5100 安全漏洞

The Skyworth Router CM5100 is a single-band router with N300 speed from Skyworth China. A security vulnerability exists in the Hathway Skyworth Router CM5100 version 4.1.1.24, which originates from a vulnerability that allows a physically proximate attacker to obtain user credentials via SPI flas...

8CVSS6.7AI score0.00618EPSS
Exploits1References2
OSV
OSV
added 2024/01/17 8:15 a.m.5 views

CVE-2023-51743

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Set Upstream Channel ID UCID parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter...

7.5CVSS7.2AI score0.00581EPSS
Exploits0References1
OSV
OSV
added 2024/01/17 8:15 a.m.2 views

CVE-2023-51741

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and password from the web...

7.5CVSS5.8AI score0.00372EPSS
Exploits0References1
OSV
OSV
added 2024/01/17 8:15 a.m.6 views

CVE-2023-51739

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

5.4CVSS5.9AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2024/01/17 8:15 a.m.14 views

CVE-2023-51735

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

6.9CVSS6.4AI score0.00358EPSS
Exploits0References1
Prion
Prion
added 2024/01/17 8:15 a.m.19 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

4.9CVSS6.1AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 8:15 a.m.18 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

4.9CVSS6.1AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 8:15 a.m.14 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name SSID parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

4.9CVSS6.1AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 8:15 a.m.15 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to th...

4.9CVSS6.2AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 8:15 a.m.16 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

4.9CVSS6.1AI score0.00358EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 8:15 a.m.11 views

Input validation

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Add Downstream Frequency parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at...

5CVSS7.2AI score0.00581EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/17 8:0 a.m.42 views

CVE-2023-51743

CVE-2023-51743 affects Skyworth Router CM5100, version 4.1.1.24. The issue arises from insufficient validation of the Set Upstream Channel ID (UCID) parameter at the web interface, enabling a remote attacker to supply crafted input. The documented impact is a Denial of Service (DoS) on the target...

7.5CVSS7.4AI score0.00581EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/17 7:20 a.m.39 views

CVE-2023-51739

CVE-2023-51739 affects Skyworth Router CM5100 (version 4.1.1.24). The vulnerability stems from insufficient validation of the Device Name parameter in the router’s web interface, enabling a remote attacker to craft input that could be stored as XSS. Reports in connected documents confirm this is ...

6.9CVSS5.2AI score0.00358EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/17 7:17 a.m.27 views

CVE-2023-51737 Stored Cross Site Scripting Vulnerability in Skyworth Router

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

6.9CVSS6.5AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2024/01/17 7:15 a.m.8 views

CVE-2023-51731

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interfac...

5.4CVSS5.9AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2024/01/17 7:15 a.m.16 views

CVE-2023-51730

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

6.9CVSS6.4AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2024/01/17 7:15 a.m.6 views

CVE-2023-51730

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

5.4CVSS5.9AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2024/01/17 7:15 a.m.23 views

CVE-2023-51724

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the URL parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of...

6.9CVSS6.4AI score0.00358EPSS
Exploits0References1
Rows per page
Query Builder