21 matches found
EUVD-2019-17782
Malware in sbrugna...
EUVD-2025-13259
Malicious code in bioql PyPI...
CVE-2025-46635
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...
CVE-2025-46635
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...
CVE-2025-46635
CVE-2025-46635 relates to Tenda RX2 Pro (firmware 16.03.30.14). The issue is improper network isolation between the guest Wi‑Fi network and other router interfaces, enabling an authenticated guest to access router resources and other networks by configuring a static IP in the non‑guest subnet on ...
CVE-2025-46635
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...
PT-2025-18709 · Tenda · Tenda Rx2 Pro
Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14 Description: An issue was discovered that allows an attacker, who is authenticated to the guest Wi-Fi network, to access resources on the router and/or resources and devices on other networks hosted by the...
CVE-2025-46635
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with...
CVE-2019-8392
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead...
Design/Logic Flaw
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead...
CVE-2019-8392
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to enable Guest Wi-Fi via the SetWLanRadioSettings HNAP API to the web service provided by /bin/goahead...
CVE-2019-8392
The CVE affects D-Link DIR-823G routers running firmware 1.02B03. Root cause is improper access control permitting remote attackers to enable Guest Wi‑Fi via the SetWLanRadioSettings HNAP API on the web service at /bin/goahead. Documented impact is the ability to enable guest access remotely; no ...
Command injection
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data...
Tailoring YouTube for Your Requirements
Did you know around 300 hours of video content is uploaded to YouTube every minute of every day? That's a staggering amount of content. However, while a huge amount of that uploaded content is harmless and innocuous - think fluffy kittens - YouTube is also the destination of choice for a large...
CVE-2018-6023
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
Cross site request forgery (csrf)
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
CVE-2018-6023
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
CVE-2018-6023
Affected product: Fastweb FASTgate 0.00.47 router. Vulnerability: Cross-site request forgery (CSRF) that allows attackers to modify configuration, including changing the Wi‑Fi password and activating Guest Wi‑Fi. Root cause: CSRF in the device’s web interface enabling unauthorized authenticated a...
Fastweb FASTGate 0.00.47 Cross Site Request Forgery
Exploit Title: Fastweb FASTgate 0.00.47 CSRF Date: 09-05-2018 Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Fastweb Product Web Page: http://www.fastweb.it/adsl-fibra-ottica/dettagli/modem-fastweb-fastgate/ Version: 0.00.47 CVE: CVE-2018-6023 I DESCRIPTION...