Lucene search
K

9 matches found

OSV
OSV
added 2025/12/30 6:15 p.m.4 views

CVE-2025-15258

A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the file /goform/formALGSetup of the component Web-based Configuration Interface. This manipulation of the argument wlan-url causes open redirect. The attack is possible to be...

6.1CVSS5.5AI score0.00221EPSS
Exploits1References4
CVE
CVE
added 2025/12/30 5:32 p.m.9 views

CVE-2025-15258

CVE-2025-15258 affects Edimax BR-6208AC (versions 1.02–1.03). The Web-based Configuration Interface’s formALGSetup handler at /goform/formALGSetup can be manipulated via the wlan-url argument to trigger an open redirect, with remote access and publicly available exploit evidence. Multiple sources...

6.1CVSS4.6AI score0.00221EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/12/30 5:2 p.m.4 views

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

9.8CVSS5.3AI score0.04442EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/25 12:30 a.m.7 views

EUVD-2025-35893

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

7CVSS6.7AI score0.00119EPSS
Exploits0References3
CVE
CVE
added 2025/10/24 11:4 p.m.14 views

CVE-2025-34503

CVE-2025-34503 affects Deck Mate 1. The vulnerability arises because the device executes firmware directly from an external EEPROM without verifying authenticity or integrity, enabling a physically proximate attacker to replace or reflash the EEPROM and execute arbitrary code that persists across...

7CVSS6.8AI score0.00119EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/24 11:4 p.m.34 views

CVE-2025-34503 Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update...

7CVSS0.00119EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:33 p.m.5 views

CVE-2021-37379

Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...

5.4CVSS6.3AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2023/02/03 6:15 p.m.5 views

CVE-2021-37378

Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...

5.4CVSS6AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2022/07/21 4:15 a.m.5 views

CVE-2022-20875

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

7.2CVSS7.5AI score0.01081EPSS
Exploits0References1
Rows per page
Query Builder