Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-50224

The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...

6.9CVSS5.4AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 9:26 a.m.22 views

CVE-2026-50224

CVE-2026-50224 describes that the web administration panel binds broadly to the public IPv6 space on port [::]:8080 with no default firewall limits, making internal API endpoints reachable over the WAN. The NVD entry cites a network attack vector with low exploit complexity and no user interactio...

6.9CVSS5.8AI score0.00234EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28591

Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...

8.6CVSS5.8AI score0.00248EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 12:12 p.m.29 views

CVE-2026-8077 Weak credentials vulnerability in the CashDro 3 web administration panel

Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...

8.6CVSS0.00248EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9451

Malware in sbrugna...

7.2CVSS7AI score0.02848EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-22909

Malware in sbrugna...

6.8CVSS6.6AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9450

Malware in sbrugna...

7.2CVSS7AI score0.02848EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.10 views

CVE-2024-22733

TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker...

7.5CVSS7.6AI score0.00582EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 p.m.6 views

CVE-2020-35230

Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. Most of the integer parameters sent through the web server can be abused to cause a denial of service attack...

6.8CVSS7.1AI score0.00418EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:31 p.m.10 views

CVE-2020-35223

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests...

8.8CVSS7.1AI score0.00586EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.6 views

CVE-2020-17502

Barco TransForm N before 3.8 allows Command Injection issue 2 of 4. The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An...

7.2CVSS8.4AI score0.02848EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/01 12:0 a.m.10 views

CVE-2024-22733

TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker...

7.7AI score0.00582EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/01 12:0 a.m.23 views

CVE-2024-22733

TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker...

0.00582EPSS
Exploits1References1
CVE
CVE
added 2024/11/01 12:0 a.m.66 views

CVE-2024-22733

TP-Link MR200 V4 firmware 210201 is affected by a null-pointer-dereference in the web administration panel at /cgi/login via the sign, Action, or LoginStatus parameters, leading to denial of service by unauthenticated remote/local attackers. The issue affects the web login handler and is document...

7.5CVSS7.4AI score0.00582EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.7 views

PT-2024-7994 · Tp Link · Tp-Link Mr200

Name of the Vulnerable Software and Affected Versions: TP-Link MR200 version 210201 Description: The issue is related to a null-pointer-dereference problem in the web administration panel of the TP-Link MR200. This problem occurs on the "/cgi/login" endpoint via the sign, Action, or LoginStatus...

7.8CVSS7AI score0.00582EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.5 views

The vulnerability in the web-based administration panel of Microprogramming software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 allows a intruder to trigger a service failure or execute arbitrary code.

The vulnerability of the web-based administration panel of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 networking devices is related to insufficient verification of input parameters. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary cod...

6.8CVSS7AI score0.00418EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.6 views

The vulnerability in the web administration panel of Microprogrammed software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 allows a hacker to add IP addresses to a white list.

The vulnerability of the web-based administration panel of Microprogramming software for Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 lies in insufficient verification of input parameters. Exploiting this vulnerability allows an attacker to add IP addresses to a white list using the...

7.2CVSS7.1AI score0.0112EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2021/03/10 6:15 p.m.5 views

CVE-2020-35223

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests...

8.8CVSS7.3AI score0.00586EPSS
Exploits0References1
NVD
NVD
added 2021/01/08 6:15 p.m.13 views

CVE-2020-17502

Barco TransForm N before 3.8 allows Command Injection issue 2 of 4. The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An...

7.2CVSS7.7AI score0.02848EPSS
Exploits0References3
NVD
NVD
added 2021/01/08 6:15 p.m.7 views

CVE-2020-17503

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in splitcardcmd.php in which the http parameter "lockin...

7.2CVSS7.5AI score0.02848EPSS
Exploits0References3
Rows per page
Query Builder