5 matches found
CVE-2026-36608
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...
CVE-2025-1614
A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected is an unknown function of the file /goform/portForwardingCfg of the component Port Forwarding Submenu. The manipulation of the argument pfDescription leads to cross site scripting. It is...
EUVD-2021-1649
Malware in sbrugna...
CVE-2025-1614 FiberHome AN5506-01A ONU GPON Port Forwarding Submenu portForwardingCfg cross site scripting
A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected is an unknown function of the file /goform/portForwardingCfg of the component Port Forwarding Submenu. The manipulation of the argument pfDescription leads to cross site scripting. It is...
CVE-2022-23000
The Western Digital My Cloud Web App https://os5.mycloud.com/ uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation,...