Lucene search
K

686 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/18 12:0 a.m.5 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

5.8AI score0.00307EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 12:0 a.m.9 views

CVE-2026-30702

The affected hardware is the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability is a broken authentication mechanism in the web management interface; the login page fails to enforce proper session validation, allowing attackers to bypass authentication by directly accessing...

9.8CVSS5.8AI score0.00369EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/18 12:0 a.m.19 views

CVE-2026-30703

A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02. The adm.cgi endpoint improperly sanitizes user-supplied input provided to a command-related parameter in the sysCMD functionality...

0.01046EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.11 views

Yuner Yipu WiFi Extender WDR201A 安全漏洞

Yuner Yipu WiFi Extender WDR201A is a WiFi signal amplifier produced by the Chinese company Yuner Yipu. There is a security vulnerability present in the Yuner Yipu WiFi Extender WDR201A. This vulnerability stems from the improper handling of user input related to command parameters in the sysCMD...

9.8CVSS5.8AI score0.01046EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/18 12:0 a.m.22 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

0.00307EPSS
Exploits0References2
CVE
CVE
added 2026/03/18 12:0 a.m.14 views

CVE-2026-30701

The CVE-2026-30701 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability arises from hardcoded credential disclosure mechanisms using Server Side Include across server-side pages such as login.shtml and settings.shtml, which dynamically retrieve and expose the web ...

9.1CVSS5.9AI score0.00382EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.6 views

PT-2026-26107

The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...

5.9AI score0.00382EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/18 12:0 a.m.1 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

5.8AI score0.00307EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 12:0 a.m.3 views

CVE-2026-30702

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, allowing attackers to bypass authentication by directly accessing restricted web application endpoint...

5.8AI score0.00369EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.6 views

PT-2026-26109

A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02. The adm.cgi endpoint improperly sanitizes user-supplied input provided to a command-related parameter in the sysCMD functionality...

5.8AI score0.01046EPSS
Exploits0References4
CVE
CVE
added 2026/03/18 12:0 a.m.12 views

CVE-2026-30704

CVE-2026-30704 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The issue is an unprotected UART interface exposed via accessible PCB pads, as described in multiple sources (NVD, Red Hat, ENISA/EUVD, CVE entry). The exposure is the root cause, enabling potential direct hardware...

9.1CVSS5.8AI score0.00307EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/17 6:50 a.m.9 views

Security Bulletin: IBM Transformation Extender Advanced is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM WebSphere Application Server Liberty is used by IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine. Liberty has been updated to address CVE-2025-14923 which causes a weaker then expected security posture when using the Security Utility contained in...

9.8CVSS5.7AI score0.00173EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/04 9:48 a.m.47 views

Security Bulletin: IBM Transformation Extender Advanced is affected by a IBM WebSphere Application Server Liberty vulnerability

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty's remote code execution vulnerability CVE-2025-14914 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.6CVSS6.6AI score0.0039EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/18 4:5 p.m.14 views

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 8 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology Edition, Version 8 and is affected by multiple vulnerabilities CVE-2026-21945, CVE-2026-21932, CVE-2026-21933 and CVE-2026-21925. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of...

7.5CVSS5.7AI score0.00864EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.9 views

Edimax EW-7438RPn-v3 Mini 操作系统命令注入漏洞

The Edimax EW-7438RPn-v3 Mini is a mini wireless signal extender produced by Edimax of Taiwan, China. Version 1.27 of the Edimax EW-7438RPn-v3 Mini has a vulnerability related to operating system command injection. This vulnerability stems from remote command execution at the /goform/mp endpoint,...

9.8CVSS6.1AI score0.06301EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.10 views

Edimax EW-7438RPn 跨站请求伪造漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax Corporation of Taiwan, China. Version 1.13 of the Edimax EW-7438RPn contains a cross-site request forgeing vulnerability. This vulnerability stems from a cross-site request forgeing flaw in the MAC filtering configuration...

5.3CVSS5.7AI score0.00145EPSS
Exploits1References3
CVE
CVE
added 2026/01/13 4:1 p.m.18 views

CVE-2026-0408

NETGEAR WiFi range extenders are affected by CVE-2026-0408 due to a path traversal vulnerability that allows an attacker with LAN authentication to access the router’s IP and read the dynamically generated webproc file, which contains the username and password submitted to the router GUI. Affecte...

8.6CVSS6.8AI score0.00228EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.6 views

CVE-2018-12694

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service reboot via data/reboot.json...

7.8CVSS7AI score0.01464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.12 views

CVE-2019-11535

Unsanitized user input in the web interface for Linksys WiFi extender products RE6400 and RE6300 through 1.2.04.022 allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI...

10CVSS7.6AI score0.05053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.4 views

CVE-2023-49881

IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

8.8CVSS6.5AI score0.00204EPSS
Exploits0References1
Rows per page
Query Builder