7 matches found
EUVD-2022-38983
Malicious code in bioql PyPI...
CVE-2024-33626
The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page accessible by an HTTP request. Disclosure of this information could enable attackers to connect to the...
CVE-2022-36158
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page /usr/www/ja/mntcmd.cgi...
Design/Logic Flaw
Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page /usr/www/ja/mntcmd.cgi...
CVE-2022-36158
Contec FXA3200 (and FLEXLAN FX3000/FX2000 series) versions 1.13.00 and earlier are affected by CVE-2022-36158 due to Insecure Permissions in the Wireless LAN Manager interface, enabling execution of Linux commands with root privileges via a hidden web page (/usr/www/ja/mnt_cmd.cgi). Impact is hig...
CVE-2022-36265
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...
Design/Logic Flaw
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...