136 matches found
CVE-2019-12789
An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence Ctrl-\ to obtain a shell with root privileges. After gaining root access, the attacker can...
CVE-2013-3097
Unspecified Cross-site scripting XSS vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router...
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software from Actiontec, the WCB6200Q, allows a hacker to execute arbitrary code.
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software Actiontec WCB6200Q is related to the use of uncontrolled format strings in processing HTTP request headers. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi range extension software from Actiontec, the WCB6200Q, allows a hacker to execute arbitrary code.
The vulnerability of the HTTP-server of the microprogrammed Wi-Fi extension software from Actiontec, WCB6200Q, is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the uh_get_postdata_withupload() function on the HTTP server of the Actiontec WCB6200Q Wi-Fi extension software allows a hacker to execute arbitrary code.
The vulnerability of the uhgetpostdatawithupload function on the HTTP server of the Actiontec WCB6200Q Wi-Fi extension software-related microprogramming devices is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to...
The vulnerability of the uh_tcp_recv_content() function in the HTTP-server of the microprogrammed Wi-Fi extension software from Actiontec WCB6200Q allows a hacker to execute arbitrary code.
The vulnerability of the uhtcprecvcontent function on the HTTP-server of the Actiontec WCB6200Q Wi-Fi extension software-related microprogramming devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker operati...
CVE-2024-6145
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6146
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6144
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6145
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6143
Actiontec WCB6200Q uhtcprecvheader Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specifi...
CVE-2024-6143
Actiontec WCB6200Q uhtcprecvheader Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specifi...
CVE-2024-6142
Actiontec WCB6200Q uhtcprecvcontent Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specif...
CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6146
CVE-2024-6146 concerns Actiontec WCB6200Q with a stack-based buffer overflow in the HTTP server function responsible for handling postdata with upload (uh_get_postdata_withupload). The flaw arises from insufficient validation of user-supplied data length before copying into a fixed-length stack-b...
CVE-2024-6146 Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
Actiontec WCB6200Q uhgetpostdatawithupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...
CVE-2024-6145
The CVE-2024-6145 entry concerns Actiontec WCB6200Q routers. Concrete details in connected documents show that the vulnerability exists in the HTTP server, where a crafted Cookie header can trigger a format specifier from a user-supplied string, allowing a network-adjacent attacker to execute arb...
CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...
CVE-2024-6145 Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...