CVE-2026-24444 SDMC NE6037 Hardcoded Password via mgmt.php/npcmd.php

SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...

PT-2026-44402

SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9 B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...

EUVD-2025-208122

Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

PT-2025-50103

Name of the Vulnerable Software and Affected Versions NETGEAR C6220 and C6230 versions affected versions not specified Description A flaw exists that allows authenticated local WiFi users to reboot the router. This issue impacts NETGEAR C6220 and C6230 DOCSIS® 3.0 Two-in-one Cable Modem + WiFi...

CVE-2016-15056

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

Aztech-POC

Description - So far, I have worked on the Aztech modem router...

Netgear DGND3700 Information Disclosure Vulnerability

The Netgear DGND3700 is a modem router from NETGEAR. The Netgear DGND3700 suffers from an information disclosure vulnerability that originates from improper handling of the file /BRStop.html, which can be exploited by an attacker to cause information disclosure...

DrayTek Vigor 165 安全漏洞

The DrayTek Vigor 165 is a VDSL2 35b hypervector modem/router from China DrayTek DrayTek. A security vulnerability exists in the DrayTek Vigor 165 that stems from passwords being stored in plaintext...

CVE-2023-4498

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only...

CVE-2023-4498 Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only...

Cross site request forgery (csrf)

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service DoS via a crafted HTTP connection request...

ASUS CMAX6000 Information Disclosure Vulnerability

The ASUS Cmax6000 is a 4x4 dual-band Wifi cable modem router from Asus China. A security vulnerability exists in ASUS CMAX6000 v1.02.00, which can be exploited by an attacker to recover encrypted data via a hard-coded key...

D-Link DWR-932C E1 Command Injection Vulnerability

The D-Link Dwr-932C E1 is a WiFi mobile modem router from China-based D-Link.A security vulnerability exists in the D-Link DWR-932C E1 firmware, which stems from an OS command injection in debugfcgi. An attacker could exploit this vulnerability to perform command injection via a crafted HTTP...

CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492 Exploit Author: ABDO10 Date : July, 11th 2019 Product : Tenda D301 v2 Modem Router version : v2 Vendor Homepage: https://www.tp-link.com/au/home-networking/dsl-modem-router/td-w8960n/ Tested on: Linux CVE : 2019-13491 Poc...

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492 Exploit Author: ABDO10 Date : July, 11th 2019 Product : Tenda D301 v2 Modem Router version : v2 Vendor Homepage:...

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492 Exploit Author: ABDO10 Date : July, 11th 2019 Product : Tenda D301 v2 Modem Router version : v2 Vendor Homepage:...

Technicolor TC7200 Modem/Router Detection (SNMP)

SNMP based detection of a Technicolor TC7200 Modem/Router. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linksys WAG120N ADSL2 + Modem Router Download Config File Vulnerability

Exploit for cgi platform in category web applications Exploit Title: Linksys WAG120N ADSL2 + Modem Router Download Config File Vulnerability Vendor Homepage: http://www.linksys.com/in/support-product?pid=01t80000003prsQAAQ Exploit : http://192.168.1.1/Routercfg.cfg Open Routercfg.cfg with Notepad...

Hitron CGNV4 ModemRouter 4.3.9.9-SIP-UPC - Multiple Vulnerabilities

Hitron CGNV4 ModemRouter 4.3.9.9-SIP-UPC - Multiple Vulnerabilities Hitron CGNV4 modem/router multiple vulnerabilities -------------------------------------------------- Platforms / Firmware confirmed affected: - Hitron CGNV4, 4.3.9.9-SIP-UPC - Product page:...