31 matches found
CVE-2025-7072
The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text shared across all routers of this model that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for...
CVE-2025-7072
The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text shared across all routers of this model that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for...
CVE-2025-7072 Hardcoded credentials in KAON CG3000T/CG3000CT routers
The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text shared across all routers of this model that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for...
CVE-2025-7072 Hardcoded credentials in KAON CG3000T/CG3000CT routers
The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text shared across all routers of this model that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for...
CVE-2025-7072
CVE-2025-7072 affects KAON CG3000TC and CG3000T routers. The firmware contains hard-coded credentials in clear text shared across all units, enabling an unauthenticated remote attacker to execute commands with root privileges. Affected versions are prior to 1.00.67 (CG3000TC) and prior to 1.00.27...
KAON CG3000TC和KAON CG3000T 信任管理问题漏洞
The KAON CG3000TC and KAON CG3000T are both high-performance wireless gateways from KAON Japan. The KAON CG3000TC and KAON CG3000T suffer from a trust management issue vulnerability that stems from firmware containing hard-coded plaintext credentials, which could allow an unauthenticated, remote...
PT-2026-1956
Name of the Vulnerable Software and Affected Versions KAON CG3000TC versions prior to 1.00.67 KAON CG3000T versions prior to 1.00.27 Description The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text, shared across all routers of these models. An...
EUVD-2024-49352
Malicious code in bioql PyPI...
JVN#46288336: KCM3100 vulnerable to authentication bypass using an alternate path or channel
KCM3100 provided by KAON is a Wi-Fi enabled gateway. KCM3100 contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Scor...
KAON KCM3100 安全漏洞
KAON KCM3100 is a WiFi device from KAON Japan. A security vulnerability exists in KAON KCM3100 Ver1.4.2 and earlier versions, which stems from an authentication bypass that could lead to unauthorized access...
CVE-2024-8693
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input leads to cross site scripting. The attack may be launched...
CVE-2024-8693
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input alert'XSS' leads to cross site scripting. The attack may be...
CVE-2024-8693
CVE-2024-8693 affects Kaon CG3000 1.01.43: the dhcpcd Command Handler’s -h argument can be manipulated to trigger cross-site scripting. The vulnerability enables remote exploitation and the public disclosure of the exploit is noted. Multiple sources (NVD/Red Hat listing, PT Security, CN) confirm ...
CVE-2024-8693 Kaon CG3000 dhcpcd Command cross site scripting
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input alert'XSS' leads to cross site scripting. The attack may be...
CVE-2024-8693 Kaon CG3000 dhcpcd Command cross site scripting
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input alert'XSS' leads to cross site scripting. The attack may be...
CLARO KAON CG3000 跨站脚本漏洞
CLARO KAON CG3000 is a router from the Brazilian company CLARO. A cross-site scripting vulnerability exists in CLARO KAON CG3000 version 1.01.43, which stems from the parameter -h of the component dhcpcd Command Handler can lead to cross-site scripting attacks...
PT-2024-39180 · Kaon · Kaon Cg3000
Name of the Vulnerable Software and Affected Versions: Kaon CG3000 version 1.01.43 Description: A problematic issue has been found in the dhcpcd Command Handler component, allowing for cross-site scripting through the manipulation of the argument -h with malicious input, such as alert'XSS'. This...
CVE-2024-3659
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router...
CVE-2024-3659
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router...
CVE-2024-3659 Command injection in KAON AR2140 routers
Firmware in KAON AR2140 routers, prior to versions 3.2.50 and 4.2.16, is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router...