Lucene search
K

104 matches found

RedhatCVE
RedhatCVE
added 2026/01/28 3:18 p.m.8 views

CVE-2025-12387

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

6.9CVSS6AI score0.00659EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/28 3:18 p.m.8 views

CVE-2025-12386

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 12:15 p.m.8 views

CVE-2025-12386

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS0.00653EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 11:57 a.m.7 views

CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

6.9CVSS6AI score0.00659EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/27 11:57 a.m.4 views

EUVD-2025-206410

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 11:57 a.m.4 views

CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
CVE
CVE
added 2026/01/27 11:57 a.m.22 views

CVE-2025-12386

Pix-Link LV-WR21Q is vulnerable to an unauthenticated access issue at endpoint /goform/getHomePageInfo. The vulnerability allows remote attackers with network access to retrieve sensitive data (cleartext passwords) due to lack of authentication. Only version V108_108 has been tested and confirmed...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/27 11:57 a.m.37 views

CVE-2025-12386 Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS0.00653EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.11 views

PT-2026-4912

Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with...

6.9CVSS5.9AI score0.00653EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.9 views

Pix-Link LV-WR21Q code issue and vulnerability

The Pix-Link LV-WR21Q is a wireless router produced by the Chinese company Pix-Link. The Pix-Link LV-WR21Q has a code vulnerability, which stems from improper handling of the language module. This vulnerability could allow remote attackers to trigger a denial-of-service attack through a specially...

6.9CVSS5.9AI score0.00659EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2003-0184

Malware in sbrugna...

7.2CVSS6.1AI score0.00442EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in @zalastax/nolb-lion-lv (npm)

The package @zalastax/nolb-lion-lv was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-12237 Malicious code in @zalastax/nolb-lion-lv (npm)

The package @zalastax/nolb-lion-lv was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 p.m.10 views

CVE-2020-24104

XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router.20170904 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID, as demonstrated by the wireless.htm SET2 parameter...

6.1CVSS6.1AI score0.00819EPSS
Exploits1
NVD
NVD
added 2024/09/30 3:15 p.m.10 views

CVE-2024-46280

PIX-LINK LV-WR22 RE3002-P1-01V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them...

8.8CVSS0.003EPSS
Exploits0References1
CVE
CVE
added 2024/09/30 12:0 a.m.49 views

CVE-2024-46280

PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is affected by Improper Access Control due to TELNET being enabled with root-level credentials that cannot be changed. The issue is documented across multiple sources (NVD/Red Hat/CVE listings) with a CVSS v3.1 base score of 8.8 (High) and adjacent attack vect...

8.8CVSS6.9AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.3 views

PIX-LINK LV-WR22 安全漏洞

The PIX-LINK LV-WR22 is a wireless repeater from PIX-LINK. A security vulnerability exists in the PIX-LINK LV-WR22 RE3002-P1-01V117.0 version, which stems from vulnerability to improper access control attacks...

8.8CVSS6.7AI score0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/30 12:0 a.m.20 views

CVE-2024-46280

PIX-LINK LV-WR22 RE3002-P1-01V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them...

0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/30 12:0 a.m.15 views

CVE-2024-46280

PIX-LINK LV-WR22 RE3002-P1-01V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them...

6.9AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/30 12:0 a.m.4 views

PT-2024-31945 · Pix Link · Pix-Link Lv-Wr22

Name of the Vulnerable Software and Affected Versions: PIX-LINK LV-WR22 version RE3002-P1-01 V117.0 Description: The issue concerns Improper Access Control, where the TELNET service is enabled with weak credentials for a root-level account, and these credentials cannot be changed. Recommendations...

8.8CVSS7AI score0.003EPSS
Exploits0References7
Rows per page
Query Builder