Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/10 10:10 a.m.17 views

CVE-2025-3758

WF2220 exposes endpoint /cgi-bin-igd/netcoreget.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way...

8.7CVSS6.3AI score0.00195EPSS
Exploits0References1
Circl
Circl
added 2025/05/08 12:31 p.m.15 views

CVE-2025-3758

creationtimestamp| type| source ---|---|--- 2025-05-08 12:31:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lonw6biat42p 2025-05-08 13:26:00+00:00| seen| https://t.me/cvedetector/24812 2025-05-08 14:05:34+00:00| seen|...

8.7CVSS4.8AI score0.00195EPSS
Exploits0References4
NVD
NVD
added 2025/05/08 10:15 a.m.17 views

CVE-2025-3758

WF2220 exposes endpoint /cgi-bin-igd/netcoreget.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way...

8.7CVSS0.00195EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/08 10:5 a.m.4 views

CVE-2025-3758 Exposure of Device Configuration without Authentication in WF2220

WF2220 exposes endpoint /cgi-bin-igd/netcoreget.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way...

8.7CVSS6.3AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2025/05/08 10:5 a.m.55 views

CVE-2025-3758

CVE-2025-3758 affects WF2220. The issue is an exposed endpoint /cgi-bin-igd/netcore_get.cgi that returns device configuration to unauthorized users, including cleartext passwords. This is a direct confidentiality and integrity risk (per CVSS data: HIGH confidentiality/integrity, adjacent attack v...

8.7CVSS6.3AI score0.00195EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/08 10:5 a.m.23 views

CVE-2025-3758 Exposure of Device Configuration without Authentication in WF2220

WF2220 exposes endpoint /cgi-bin-igd/netcoreget.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way...

8.7CVSS0.00195EPSS
Exploits0References2
Rows per page
Query Builder