36 matches found
EUVD-2024-27368
Malicious code in bioql PyPI...
EUVD-2024-27367
Malicious code in bioql PyPI...
EUVD-2024-27366
Malicious code in bioql PyPI...
CVE-2024-2415
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2416
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2414
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2415
CVE-2024-2415 affects Movistar 4G router ES_WLD71-T1_v2.0.201820. Root cause is a command injection via an authenticated POST to the endpoint /cgi-bin/gui.cgi, allowing command execution inside the router. Impact is high (authenticated local command execution). Remediation/mitigation: apply vendo...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2416
Movistar’s 4G router, ES_WLD71-T1_v2.0.201820, is affected by a Cross-Site Request Forgery vulnerability. The issue allows an attacker to force an authenticated user to perform unwanted actions in the web application. The CVE-2024-2416 entry, with CVSS v3.1 base score 6.5 (Privileges: None, User ...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2414
CVE-2024-2414 affects Movistar 4G router (S_WLD71-T1_v2.0.201820). The issue is an unprotected primary channel with the adb service listening on port 5555, granting a root shell. Public sources report root-access via ADB pre-auth, high impact (C:H, I:H, A:H) with adjacent attack vector and no use...
PT-2024-20291 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version S WLD71-T1 v2.0.201820 Description: The issue concerns an unprotected primary channel on the Movistar 4G router, which has the 'adb' service open on port 5555. This provides access to a shell with root privileges,...
Movistar 4G router security vulnerability
Movistar 4G router is a series of routers from Movistar Spain. A security vulnerability exists in the Movistar 4G router ESWLD71-T1v2.0.201820 firmware version, which originates from an unprotected master channel on the router, which opens the adb service on port 5555 and provides shell access wi...
Movistar 4G router OS Command Injection Vulnerability
Movistar 4G router is a series of routers from Movistar Spain. The Movistar 4G router ESWLD71-T1v2.0.201820 firmware version has an operating system command injection vulnerability that originates from allowing authenticated users to execute commands within the router by sending a POST request to...
PT-2024-20298 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version ES WLD71-T1 v2.0.201820 Description: The issue is a command injection vulnerability that allows an authenticated user to execute commands inside the router. This can be achieved by making a POST request to the API...
PT-2024-20303 · Telefonica · Movistar 4G Router
Name of the Vulnerable Software and Affected Versions: Movistar 4G router version ES WLD71-T1 v2.0.201820 Description: The issue is a Cross-Site Request Forgery vulnerability that allows an attacker to force an end user to execute unwanted actions in a web application where they are currently...