Lucene search
K

65 matches found

NVD
NVD
added 2024/10/21 9:15 p.m.26 views

CVE-2024-40084

A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via exceptionally long HTTP methods or paths...

9.6CVSS0.00595EPSS
Exploits1References1
NVD
NVD
added 2024/10/21 9:15 p.m.31 views

CVE-2024-40083

A Buffer Overflow vulnerabilty in the localappsetroutertoken function of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via sscanf reading the token and timezone JSON fields into a fixed-length buffer...

9.6CVSS0.00394EPSS
Exploits1References1
NVD
NVD
added 2024/10/21 9:15 p.m.38 views

CVE-2024-40085

A Buffer Overflow vulnerability in the localappsetrouterwan function of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via pppoeusername and pppoepassword fields being larger than 128 bytes in length...

9.6CVSS0.00595EPSS
Exploits1References1
CVE
CVE
added 2024/10/21 12:0 a.m.51 views

CVE-2024-40090

The CVE-2024-40090 entry concerns Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier, where an information disclosure vulnerability exists in the Boa webserver. Remote, unauthenticated attackers can leak memory addresses (uClibc) and stack information by sending a GET request to the index pag...

4.3CVSS6.7AI score0.00251EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/10/21 12:0 a.m.58 views

CVE-2024-40084

CVE-2024-40084 describes a remote, unauthenticated buffer overflow in the Boa webserver used by the Vilo 5 Mesh WiFi System (versions

9.6CVSS8.1AI score0.00595EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/10/21 12:0 a.m.21 views

CVE-2024-40088

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request...

0.00682EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/21 12:0 a.m.14 views

CVE-2024-40088

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request...

5.3AI score0.00682EPSS
Exploits1References2
CVE
CVE
added 2024/10/21 12:0 a.m.55 views

CVE-2024-40086

CVE-2024-40086 affects the Vilo 5 Mesh WiFi System, specifically versions prior to or including 5.16.1.33. The issue is a buffer overflow in local_app_set_router_wifi_SSID_PWD() , which can allow remote, unauthenticated attackers to execute arbitrary code. The impact is described as high/critical...

9.6CVSS8.1AI score0.00595EPSS
Exploits1References1
CVE
CVE
added 2024/10/21 12:0 a.m.53 views

CVE-2024-40085

CVE-2024-40085 affects Vilo 5 Mesh WiFi System versions

9.6CVSS8.1AI score0.00595EPSS
Exploits1References1
CVE
CVE
added 2024/10/21 12:0 a.m.58 views

CVE-2024-40083

CVE-2024-40083 is a buffer overflow in Vilo 5 Mesh WiFi System

9.6CVSS8AI score0.00394EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.9 views

PT-2024-28778 · Unknown · Boa Web Server +1

Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier Description: The issue is related to an information leak in the Boa webserver, which allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack. This can be...

4.3CVSS6.9AI score0.00251EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.8 views

PT-2024-28775 · Unknown · Vilo 5 Mesh Wifi System

Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier Description: The issue is related to Insecure Permissions, specifically a lack of authentication in the custom TCP service on port 5432. This allows remote, unauthenticated attackers to...

9.6CVSS7.6AI score0.00356EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.8 views

Vilo Mesh WiFi System 访问控制错误漏洞

Vilo Mesh WiFi System is a wireless system from Vilo. A security vulnerability exists in Vilo Mesh WiFi System version 5.16.1.33 and earlier, which stems from a lack of authentication of a custom TCP service, which makes it vulnerable to attacks with insecure privileges and allows a remote,...

9.6CVSS7.1AI score0.00356EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.5 views

Vilo Mesh WiFi System 安全漏洞

Vilo Mesh WiFi System is a wireless system from Vilo. A security vulnerability exists in Vilo Mesh WiFi System version 5.16.1.33 and earlier, which stems from the presence of an information disclosure that could allow a remote, unauthenticated attacker to disclose the memory address of uClibc and...

4.3CVSS6.2AI score0.00251EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/21 12:0 a.m.25 views

CVE-2024-40087

Vilo 5 Mesh WiFi System = 5.16.1.33 is vulnerable to Insecure Permissions. Lack of authentication in the custom TCP service on port 5432 allows remote, unauthenticated attackers to gain administrative access over the router...

0.00356EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/21 12:0 a.m.30 views

CVE-2024-40084

A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via exceptionally long HTTP methods or paths...

0.00595EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/21 12:0 a.m.13 views

CVE-2024-40083

A Buffer Overflow vulnerabilty in the localappsetroutertoken function of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via sscanf reading the token and timezone JSON fields into a fixed-length buffer...

8AI score0.00394EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.8 views

PT-2024-28777 · Vilo · Vilo 5 Mesh Wifi System

Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions up to 5.16.1.33 Description: A Command Injection issue allows remote, authenticated attackers to execute arbitrary code by injecting shell commands into the name of the Vilo device. This enables attackers to r...

9.1CVSS8.5AI score0.01193EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/10/21 12:0 a.m.15 views

CVE-2024-40090

Vilo 5 Mesh WiFi System = 5.16.1.33 is vulnerable to Information Disclosure. An information leak in the Boa webserver allows remote, unauthenticated attackers to leak memory addresses of uClibc and the stack via sending a GET request to the index page...

6.6AI score0.00251EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/21 12:0 a.m.13 views

CVE-2024-40084

A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via exceptionally long HTTP methods or paths...

8AI score0.00595EPSS
Exploits1References2
Rows per page
Query Builder