CVE-2025-63363

CVE-2025-63363 affects Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi‑Fi Gateway. The root cause is a lack of Management Frame Protection in firmware version 3.1.1.0 (HW 4.3.2.1; Webpage 7.04T.07.002880.0301), enabling de‑authentication attacks via crafted frames broadcast without auth...

Zyxel ATP series firmware和Zyxel USG FLEX series firmware 操作系统命令注入漏洞

Zyxel ATP series firmware and Zyxel USG FLEX series firmware are both products of the Chinese company Zyxel.Zyxel ATP series firmware is a series of firewall firmware.Zyxel USG FLEX series firmware is a series of Zyxel ATP series firmware is a series of firewall firmware. The Zyxel ATP series...

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

CVE-2024-12013

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform...

Zyxel多款产品 代码问题漏洞

Zyxel USG20W-VPN and others are products of China Hopkins Zyxel.Zyxel USG20W-VPN is a firewall appliance for use in corporate environments.Zyxel ATP series firmware is a series of firewall firmwares.Zyxel USG FLEX series firmware is a series of Zyxel USG FLEX series firmware is a series of securi...

CVE-2023-32156

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in ord...

CVE-2023-6398

A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50W series firmware versions from 4.16 through 5.37 Patch 1, USG20W-VPN...

CVE-2023-31446

In Cassia Gateway firmware XC10002.1.1.2303082218 and XC20002.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup...

CVE-2019-3914

Remote command injection vulnerability in Verizon Fios Quantum Gateway G1100 firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname...

CVE-2007-6707

Multiple cross-site scripting XSS vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574...