14 matches found
CVE-2026-24498
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIM...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
CVE-2025-55423
CVE-2025-55423 is an OS command-injection vulnerability in the upnp_relay() function affecting ipTIME routers across numerous models (e.g., A2003NS-MU, N600, A604-V3, A6ns-M, V508, N704QCA, A8ns-M, A304, A3004NS-M, A5004NS-M, A9004M, N702R, A604M, A804NS-MU, N804R, A7004M, A8004T, A604G-MU, A3008...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
PT-2026-3636
Name of the Vulnerable Software and Affected Versions ipTIME routers A2003NS-MU versions 10.00.6 through 12.16.2 ipTIME routers N600 versions 10.00.8 through 12.16.2 ipTIME routers A604-V3 versions 10.01.6 through 10.07.2 ipTIME routers A6ns-M versions 10.01.6 through 14.19.4 ipTIME routers V508...
EFM ipTIME Routers security vulnerabilities
EFM ipTIME Routers are a series of routers produced by the South Korean company EFM. The EFM ipTIME Routers have a security vulnerability, which stems from an OS command injection vulnerability in the upnp-relay function. The following products and versions are affected: A2003NS-MU version 10.00....
CVE-2025-55423
A command injection vulnerability exists in the upnprelay function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system without proper validation or sanitization, allowing OS command injection...
ipTime routers code execution
Code execution via shell characters injection into DHCP request hostname...
127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x02.txt Blog URL:...
ipTIME DHCP Remote Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x02.txt Blog URL:...
Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Please find a text-only version below sent to security mailing-lists. The complete version on exploits about my last advisory of ipTIME products is posted here:...