Lucene search
K

144 matches found

CVE
CVE
added 2024/10/30 1:35 p.m.65 views

CVE-2024-33699

The CVE-2024-33699 entry concerns LevelOne WBR-6012 router firmware version R0.40e6 with a web application weakness enabling password changes without the current password. Talos reports a weak authentication vulnerability (CWE-620) where the admin password can be changed via HTTP requests, potent...

9.9CVSS7.3AI score0.09224EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/10/30 1:35 p.m.52 views

CVE-2024-32946

The vulnerability CVE-2024-32946 affects LevelOne WBR-6012 router firmware R0.40e6. Talos reports that Web and FTP administration traffic is transmitted in cleartext, exposing credentials and other sensitive data to network sniffing. Affected component: router firmware with HTTP/FTP services that...

5.9CVSS6.6AI score0.00282EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/10/30 1:35 p.m.21 views

CVE-2024-33626

The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page accessible by an HTTP request. Disclosure of this information could enable attackers to connect to the...

5.3CVSS0.00406EPSS
Exploits0References1
CVE
CVE
added 2024/10/30 1:35 p.m.51 views

CVE-2024-33603

CVE-2024-33603 affects LevelOne WBR-6012 router. Cisco Talos (TALOS-2024-1985) documents an information-disclosure flaw in the web application: unauthenticated users can access the verbose system log page (syslog2.htm), exposing sensitive data such as memory addresses, debug messages, and login-a...

5.3CVSS6.5AI score0.08785EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/10/30 1:35 p.m.36 views

CVE-2024-33603

The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such as memory addresses and IP addresses for login attempts. This flaw could lead to session hijackin...

5.3CVSS0.08785EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/30 1:35 p.m.11 views

CVE-2024-33626

The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page accessible by an HTTP request. Disclosure of this information could enable attackers to connect to the...

5.3CVSS6.5AI score0.00406EPSS
Exploits0References1
CVE
CVE
added 2024/10/30 1:35 p.m.52 views

CVE-2024-33626

CVE-2024-33626 affects LevelOne WBR-6012. Cisco TALOS confirms a web application information-disclosure vulnerability that exposes the WiFi WPS PIN via a hidden page accessible over HTTP. Confirmed vulnerable version: LevelOne WBR-6012 R0.40e6. Exploitation could enable an attacker to connect to ...

5.3CVSS6.5AI score0.00406EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 1:35 p.m.16 views

CVE-2024-33603

The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such as memory addresses and IP addresses for login attempts. This flaw could lead to session hijackin...

5.3CVSS6.5AI score0.08785EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/30 1:35 p.m.17 views

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

9CVSS7.5AI score0.00914EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/30 1:35 p.m.42 views

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

9CVSS0.00914EPSS
Exploits1References1
CVE
CVE
added 2024/10/30 1:35 p.m.49 views

CVE-2024-23309

CVE-2024-23309 affects LevelOne WBR-6012 router with firmware R0.40e6, where the web application authenticates based on the client IP rather than a session token. Talos documents a vulnerability in the web UI that allows an attacker to spoof the client IP and gain unauthorized access, bypassing a...

9CVSS7.5AI score0.00914EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/10/30 1:35 p.m.54 views

CVE-2024-33623

CVE-2024-33623 affects LevelOne WBR-6012 router (R0.40e6). Talos notes an unauthenticated HTTP POST to /upg or /upg/fwug can trigger a crash/reboot due to improper handling of POST data (looping until a carriage return). The vulnerability resides in the web application, with exploitation leading ...

7.5CVSS6.8AI score0.11434EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 1:35 p.m.15 views

CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...

7.5CVSS6.9AI score0.0083EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/30 1:35 p.m.14 views

CVE-2024-33623

A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability...

3.7CVSS6.8AI score0.11434EPSS
Exploits1References1
CVE
CVE
added 2024/10/30 1:35 p.m.57 views

CVE-2024-33700

CVE-2024-33700 concerns the LevelOne WBR-6012 router, firmware R0.40e6, where a vulnerability in the FTP handling causes denial of service via a series of malformed, unauthenticated FTP commands. The root cause is improper input validation within the FTP functionality, allowing crafted FTP inputs...

7.5CVSS6.9AI score0.0083EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/10/30 1:35 p.m.18 views

CVE-2024-33623

A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability...

3.7CVSS0.11434EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/30 1:35 p.m.18 views

CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...

7.5CVSS0.0083EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.3 views

LevelOne WBR-6012 跨站请求伪造漏洞

The LevelOne WBR-6012 is a wireless router from LevelOne. The LevelOne WBR-6012 suffers from a cross-site request forgery vulnerability that stems from a cross-site request forgery CSRF vulnerability in a web application function...

8.8CVSS6.7AI score0.07028EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.4 views

LevelOne WBR-6012 信息泄露漏洞

The LevelOne WBR-6012 is a wireless router from LevelOne. An information disclosure vulnerability exists in the LevelOne WBR-6012 that originates from an unauthenticated user being able to access detailed system log pages and obtain sensitive data...

5.3CVSS6AI score0.08785EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.2 views

LevelOne WBR-6012 安全漏洞

The LevelOne WBR-6012 is a wireless router from LevelOne. A security vulnerability exists in the LevelOne WBR-6012 that stems from a denial of service vulnerability in the web application functionality. A specially crafted HTTP request could result in a reboot...

7.5CVSS6.5AI score0.11434EPSS
Exploits1References1
Rows per page
Query Builder