4 matches found
CVE-2019-25470
eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentia...
CVE-2019-25470 eWON Firmware 12.2-13.0 Authentication Bypass via wsdReadForm
eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentia...
CVE-2019-25470
CVE-2019-25470 affects eWON firmware versions 12.2–13.0 and describes an authentication bypass via the wsdReadForm endpoint. An attacker with minimal privileges can issue a POST to /wrcgi.bin/wsdReadForm with base64-encoded partial credentials and a crafted wsdList parameter to retrieve encrypted...
PT-2026-24768
eWON Firmware versions 12.2 to 13.0 contain an authentication bypass vulnerability that allows attackers with minimal privileges to retrieve sensitive user data by exploiting the wsdReadForm endpoint. Attackers can send POST requests to /wrcgi.bin/wsdReadForm with base64-encoded partial credentia...