288 matches found
Improper access control
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
Input validation
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
CVE-2022-45725
CVE-2022-45725 affects Comfast CF-WR6110N router (firmware version 2.3.1). The issue is improper input validation that could allow a remote, adjacent-network attacker to execute arbitrary code via HTTP POST requests. Exploitation details (payloads, specific endpoints, affected firmware variants b...
CVE-2022-45725
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
CVE-2022-45724
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
COMFAST CF-WR6110N 输入验证错误漏洞
The COMFAST CF-WR6110N is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-WR6110N version V2.3.1, which originates from incorrect input validation and allows remote attackers on the same network to execute arbitrary code on the target via an...
CVE-2022-45724
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...
CVE-2022-45725
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request...
CVE-2022-45724
CVE-2022-45724 concerns the Comfast CF-WR6110N router (v2.3.1) with an Incorrect Access Control flaw. On a network-adjacent host, an attacker can send HTTP requests to an unauthenticated page to force the device to generate a SESSION_ID, which can then be used to perform authenticated requests. T...
COMFAST CF-WR6110N 授权问题漏洞
COMFAST CF-WR6110N is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in the COMFAST CF-WR6110N version V2.3.1, which originates from incorrect access control and allows a remote attacker on the same network to perform any HTTP request to an unauthenticate...
CVE-2022-47701
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
CVE-2022-47698
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47701
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS...
CVE-2022-47699
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...
CVE-2022-47697
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts...
CVE-2022-47698
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...
CVE-2022-47700
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Incorrect Access Control. Improper authentication allows requests to be made to back-end scripts without a valid session or authentication...
Cross site scripting
COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting XSS via the URL filtering feature in the router...