4 matches found
CVE-2020-11964
In IQrouter through 3.3.1, the Lua function diagsetpassword in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration which has a...
CVE-2020-11964
IQrouter up to version 3.3.1 is affected by CVE-2020-11964 due to a vulnerability in the web-panel Lua function diag_set_password, which remote attackers can abuse to change the root password arbitrarily. Affected product: IQrouter firmware
IQrouter 3.3.1 Firmware - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter...
IQrouter 3.3.1 Firmware - Remote Code Execution
Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Date: 2020-04-21 Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter firmware 3.3.1 CVE : N/A !/usr/bin/env python3...