27 matches found
EUVD-2021-30226
Malicious code in bioql PyPI...
EUVD-2021-30227
Malicious code in bioql PyPI...
EUVD-2021-30228
Malicious code in bioql PyPI...
CVE-2021-43283
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
CVE-2021-43282
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller...
Victure WR1200 WiFi Router Command Injection (CVE-2021-43283)
A command injection vulnerability exists in Victure WR1200 WiFi Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Victure WR1200 Trust Management Issue Vulnerability (CNVD-2021-95232)
Victure WR1200 is a router. Victure WR1200 1.0.3 and prior versions are vulnerable to trust management issues, which can be exploited by attackers to gain control of the device via SSH...
Victure WR1200 OS Command Injection Vulnerability
The Victure WR1200 is a router. The Victure WR1200 1.0.3 and prior versions are vulnerable to OS command injection, which can be exploited by attackers to inject arbitrary shell commands using valid credentials...
Victure WR1200 Trust Management Issue Vulnerability
Victure WR1200 is a router. A trust management issue vulnerability exists in Victure WR1200, which can be exploited by attackers to scan Wi-Fi networks for default keys...
CVE-2021-43284
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...
CVE-2021-43283
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
CVE-2021-43282
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller...
CVE-2021-43284
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...
CVE-2021-43282
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller...
CVE-2021-43283
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
Default credentials
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller...
Command injection
An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the...
Design/Logic Flaw
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...
CVE-2021-43284
CVE-2021-43284 affects Victure WR1200 devices (version 1.0.3 and earlier). The root SSH password remains the default value, “admin,” allowing an attacker to gain full control of the device via SSH regardless of whether the admin password was changed in the web interface. The connected records con...
CVE-2021-43284
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH regardless of whether the admin password was changed on the web interface...