Lucene search
+L

56 matches found

Vulnrichment
Vulnrichment
added 2023/08/23 9:47 p.m.22 views

CVE-2023-41028 Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...

9CVSS7.6AI score0.00777EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/23 9:47 p.m.28 views

CVE-2023-41028 Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...

9CVSS9.5AI score0.00777EPSS
Exploits0References1
CVE
CVE
added 2023/08/23 9:47 p.m.69 views

CVE-2023-41028

CVE-2023-41028 affects Juplink RX4-1500 WiFi routers (versions 1.0.2–1.0.5). A stack-based buffer overflow allows an authenticated attacker to achieve code execution as root. Rooted in the vulnerable handling of input data, the issue enables unrestricted code execution with high impact. Mitigatio...

9CVSS9AI score0.00777EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.7 views

PT-2023-27748 · Unknown · Juplink Rx4-1500

Name of the Vulnerable Software and Affected Versions: Juplink RX4-1500 versions 1.0.2 through 1.0.5 Description: A stack-based buffer overflow exists in the Juplink RX4-1500 WiFi router. An authenticated attacker can exploit this issue to achieve code execution as root. Recommendations: For...

9CVSS8.9AI score0.00777EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/30 12:0 a.m.8 views

PT-2023-5281 · Unknown · Juplink Rx4-1500

Name of the Vulnerable Software and Affected Versions: Juplink RX4-1500 versions V1.0.2 through V1.0.5 Description: The issue is related to the use of hard-coded credentials in the Juplink RX4-1500 WI-FI router's software. This allows unauthenticated attackers to log in to the web interface or...

9.8CVSS9.3AI score0.00583EPSS
Exploits0References8
CNVD
CNVD
added 2020/04/24 12:0 a.m.6 views

Juplink Intelligent Technologies RX4-1500 Injection Vulnerability

The Juplink Intelligent Technologies RX4-1500 is a wireless router from Juplink Intelligent Technologies. A security vulnerability exists in the Juplink Intelligent Technologies RX4-1500 v1.0.3, which originates from the program failing to clean user input before executing it. A remote attacker...

6.9CVSS6.9AI score0.00895EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/24 12:0 a.m.5 views

Juplink Intelligent Technologies RX4-1500 Unauthorized Operation Vulnerability

The Juplink Intelligent Technologies RX4-1500 is a wireless router from Juplink Intelligent Technologies. A security vulnerability exists in httpd in the Juplink Intelligent Technologies RX4-1500 versions v1.0.3 through v1.0.5. A remote attacker could use this vulnerability to modify or access...

5.5CVSS6.9AI score0.0039EPSS
Exploits1References1
Prion
Prion
added 2020/04/23 7:15 p.m.19 views

Design/Logic Flaw

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

2.1CVSS5.6AI score0.0039EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/04/23 7:15 p.m.4 views

CVE-2020-8798

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

5.5CVSS5.5AI score0.0039EPSS
Exploits1References2
OSV
OSV
added 2020/04/23 6:15 p.m.5 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call aka Command Line Injection, if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network...

6.7CVSS5.8AI score0.00895EPSS
Exploits1References1
NVD
NVD
added 2020/04/23 6:15 p.m.25 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call aka Command Line Injection, if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network...

6.9CVSS6.7AI score0.00895EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/04/23 6:15 p.m.4 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call aka Command Line Injection, if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network...

6.9CVSS5.5AI score0.00895EPSS
Exploits1References2
CVE
CVE
added 2020/04/23 6:3 p.m.51 views

CVE-2020-8798

The vulnerability CVE-2020-8798 affects Juplink RX4-1500 routers (firmware versions v1.0.3–v1.0.5). The httpd service exposes an unauthenticated setup3.htm endpoint on the local network, which allows remote attackers to change or access router settings. The exposed detail in connected CNVD/NVD en...

5.5CVSS5.6AI score0.0039EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/04/23 6:3 p.m.20 views

CVE-2020-8798

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

5.6AI score0.0039EPSS
Exploits1References1
CVE
CVE
added 2020/04/23 6:1 p.m.47 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 is affected by CVE-2020-8797 due to a command injection from an unsanitized exec call when the telnetd service is enabled and an admin can authenticate from the local network. This allows a local attacker to gain root access to the Linux subsystem. The connected sources pr...

6.9CVSS6.7AI score0.00895EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/04/23 6:1 p.m.23 views

CVE-2020-8797

Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call aka Command Line Injection, if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network...

6.8AI score0.00895EPSS
Exploits1References1
Rows per page
Query Builder