686 matches found
CVE-2026-30704
The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...
CVE-2026-30702
The affected hardware is the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability is a broken authentication mechanism in the web management interface; the login page fails to enforce proper session validation, allowing attackers to bypass authentication by directly accessing...
CVE-2026-30703
A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02. The adm.cgi endpoint improperly sanitizes user-supplied input provided to a command-related parameter in the sysCMD functionality...
Yuner Yipu WiFi Extender WDR201A 安全漏洞
Yuner Yipu WiFi Extender WDR201A is a WiFi signal amplifier produced by the Chinese company Yuner Yipu. There is a security vulnerability present in the Yuner Yipu WiFi Extender WDR201A. This vulnerability stems from the improper handling of user input related to command parameters in the sysCMD...
CVE-2026-30704
The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...
CVE-2026-30701
The CVE-2026-30701 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The vulnerability arises from hardcoded credential disclosure mechanisms using Server Side Include across server-side pages such as login.shtml and settings.shtml, which dynamically retrieve and expose the web ...
PT-2026-26107
The web interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 contains hardcoded credential disclosure mechanisms in the form of Server Side Include within multiple server-side web pages, including login.shtml and settings.shtml. These pages embed server-side execution directives...
CVE-2026-30704
The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...
CVE-2026-30702
The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, allowing attackers to bypass authentication by directly accessing restricted web application endpoint...
PT-2026-26109
A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02. The adm.cgi endpoint improperly sanitizes user-supplied input provided to a command-related parameter in the sysCMD functionality...
CVE-2026-30704
CVE-2026-30704 affects the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The issue is an unprotected UART interface exposed via accessible PCB pads, as described in multiple sources (NVD, Red Hat, ENISA/EUVD, CVE entry). The exposure is the root cause, enabling potential direct hardware...
Security Bulletin: IBM Transformation Extender Advanced is affected by a IBM WebSphere Application Server Liberty vulnerability
Summary IBM WebSphere Application Server Liberty is used by IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine. Liberty has been updated to address CVE-2025-14923 which causes a weaker then expected security posture when using the Security Utility contained in...
Security Bulletin: IBM Transformation Extender Advanced is affected by a IBM WebSphere Application Server Liberty vulnerability
Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable to IBM WebSphere Application Server Liberty's remote code execution vulnerability CVE-2025-14914 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Java 8 vulnerabilities
Summary IBM Sterling Transformation Extender uses IBM SDK, Java Technology Edition, Version 8 and is affected by multiple vulnerabilities CVE-2026-21945, CVE-2026-21932, CVE-2026-21933 and CVE-2026-21925. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of...
Edimax EW-7438RPn-v3 Mini 操作系统命令注入漏洞
The Edimax EW-7438RPn-v3 Mini is a mini wireless signal extender produced by Edimax of Taiwan, China. Version 1.27 of the Edimax EW-7438RPn-v3 Mini has a vulnerability related to operating system command injection. This vulnerability stems from remote command execution at the /goform/mp endpoint,...
Edimax EW-7438RPn 跨站请求伪造漏洞
The Edimax EW-7438RPn is a wireless signal extender produced by Edimax Corporation of Taiwan, China. Version 1.13 of the Edimax EW-7438RPn contains a cross-site request forgeing vulnerability. This vulnerability stems from a cross-site request forgeing flaw in the MAC filtering configuration...
CVE-2026-0408
NETGEAR WiFi range extenders are affected by CVE-2026-0408 due to a path traversal vulnerability that allows an attacker with LAN authentication to access the router’s IP and read the dynamically generated webproc file, which contains the username and password submitted to the router GUI. Affecte...
CVE-2018-12694
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service reboot via data/reboot.json...
CVE-2019-11535
Unsanitized user input in the web interface for Linksys WiFi extender products RE6400 and RE6300 through 1.2.04.022 allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI...
CVE-2023-49881
IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...