CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

0day.today•added 2018/05/04 12:0 a.m.•97 views

TP-Link EAP Controller CSRF / Hard-Coded Key / XSS Vulnerabilities

TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities. TP-Link EAP Controller Multiple Vulnerabilities 1. Advisory Information Title: TP-Link EAP Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0001 Advisory URL:...

0.3AI score0.01572EPSS

Exploits7

Cvelist•added 2018/05/03 6:0 p.m.•24 views

CVE-2018-10167

The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4Windows/2.6.0Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...

7.6AI score0.01206EPSS

Exploits3References2

CVE•added 2018/05/03 6:0 p.m.•51 views

CVE-2018-10167

TP-Link EAP Controller and Omada Controller (Windows) versions 2.5.4_Windows and 2.6.0_Windows are affected by CVE-2018-10167 due to a hard-coded cryptographic key used to encrypt the web app backup file. A low-privilege user can decrypt and modify the backup to escalate privileges, including cre...

7.5CVSS7.5AI score0.01206EPSS

Exploits3References2Affected Software1

Core Security•added 2018/05/03 12:0 a.m.•1782 views

TP-Link EAP Controller Multiple Vulnerabilities

1. Advisory Information Title: TP-Link EAP Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0001 Advisory URL:http://www.coresecurity.com/core-labs/advisories/tp-link-eap-controller-multiple-vulnerabilities Date published: 2018-05-03 Date of last update: 2018-05-03 Vendors contacted:...

8.8CVSS8.1AI score0.01572EPSS

Exploits7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by