36 matches found
EUVD-2024-27366
Malicious code in bioql PyPI...
EUVD-2024-27368
Malicious code in bioql PyPI...
EUVD-2024-27367
Malicious code in bioql PyPI...
CVE-2024-2415
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2416
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2414
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2415
CVE-2024-2415 affects Movistar 4G router ES_WLD71-T1_v2.0.201820. Root cause is a command injection via an authenticated POST to the endpoint /cgi-bin/gui.cgi, allowing command execution inside the router. Impact is high (authenticated local command execution). Remediation/mitigation: apply vendo...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2416
Movistar’s 4G router, ES_WLD71-T1_v2.0.201820, is affected by a Cross-Site Request Forgery vulnerability. The issue allows an attacker to force an authenticated user to perform unwanted actions in the web application. The CVE-2024-2416 entry, with CVSS v3.1 base score 6.5 (Privileges: None, User ...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2414
CVE-2024-2414 affects Movistar 4G router (S_WLD71-T1_v2.0.201820). The issue is an unprotected primary channel with the adb service listening on port 5555, granting a root shell. Public sources report root-access via ADB pre-auth, high impact (C:H, I:H, A:H) with adjacent attack vector and no use...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
PT-2024-20303 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version ES WLD71-T1 v2.0.201820 Description: The issue is a Cross-Site Request Forgery vulnerability that allows an attacker to force an end user to execute unwanted actions in a web application where they are currently...
PT-2024-20291 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version S WLD71-T1 v2.0.201820 Description: The issue concerns an unprotected primary channel on the Movistar 4G router, which has the 'adb' service open on port 5555. This provides access to a shell with root privileges,...
PT-2024-20298 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version ES WLD71-T1 v2.0.201820 Description: The issue is a command injection vulnerability that allows an authenticated user to execute commands inside the router. This can be achieved by making a POST request to the API...
Movistar 4G router security vulnerability
Movistar 4G router is a series of routers from Movistar Spain. A security vulnerability exists in the Movistar 4G router ESWLD71-T1v2.0.201820 firmware version, which originates from an unprotected master channel on the router, which opens the adb service on port 5555 and provides shell access wi...
Movistar 4G router cross-site request forgery vulnerability
Movistar 4G router is a series of routers from Movistar Spain. A cross-site request forgery vulnerability exists in the Movistar 4G router ESWLD71-T1v2.0.201820 firmware version, which originates from a vulnerability that allows an attacker to force a user to perform additional actions in a web...