86 matches found
Hardcoded credentials
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...
ProLink PRS1841 信任管理问题漏洞
The ProLink PRS1841 is a router from ProLink Singapore. A security vulnerability exists in the Prolink PRS1841 that stems from the IT Telnet and FTP services containing hard-coded credentials...
CVE-2022-46637
CVE-2022-46637 concerns the ProLink router PRS1841, which is reported to contain hardcoded credentials for Telnet and FTP, enabling unauthorized access. The CVE entry cites a CRITICAL 9.8 CVSS score (Network vector, low complexity, no user interaction) with high impact on confidentiality, integri...
CVE-2022-46637
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...
PT-2023-14973 · Prolink · Prolink Router Prs1841
Name of the Vulnerable Software and Affected Versions: Prolink router PRS1841 Description: The Prolink router PRS1841 contains hardcoded credentials for its Telnet and FTP services. This issue allows unauthorized access to the device. Recommendations: For Prolink router PRS1841, consider changing...
CVE-2022-46637
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services...
ProLink PRS1841 Backdoor Account Vulnerability
Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber Exploit Author: Lawrence Amer @zux0x3a Vendor Homepage: https://prolink2u.com/product/prs1841/ Firmware : PRS1841 U V2 reference:...
ProLink PRS1841 Backdoor Account
Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber Exploit Author: Lawrence Amer @zux0x3a Vendor Homepage: https://prolink2u.com/product/prs1841/ Firmware : PRS1841 U V2 reference:...
ProLink PRC2402M Command Injection Vulnerability (CNVD-2021-68447)
ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setsyscmd function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker could exploit this vulnerability to cause command injection by passing the command paramete...
ProLink PRC2402M Command Injection Vulnerability (CNVD-2021-68446)
ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setTR069 function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the TR069localport...
ProLink PRC2402M Information Disclosure Vulnerability (CVE-2021-36708)
ProLink PRC2402M is a router from ProLink Singapore. An information disclosure vulnerability exists in the setsysinit function in the login.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to reset the password in the administrator interfac...
ProLink PRC2402M Command Injection Vulnerability
ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setledonoff function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the ledcmd parameter...
CVE-2021-36705
In ProLink PRC2402M V1.0.18 and older, the setTR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069localport parameter is passed directly to system...
CVE-2021-36707
In ProLink PRC2402M V1.0.18 and older, the setledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the ledcmd parameter is passed directly to dosystem...
CVE-2021-36706
In ProLink PRC2402M V1.0.18 and older, the setsyscmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system...
CVE-2021-36706
In ProLink PRC2402M V1.0.18 and older, the setsyscmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system...
CVE-2021-36707
In ProLink PRC2402M V1.0.18 and older, the setledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the ledcmd parameter is passed directly to dosystem...
CVE-2021-36705
In ProLink PRC2402M V1.0.18 and older, the setTR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069localport parameter is passed directly to system...
CVE-2021-36708
In ProLink PRC2402M V1.0.18 and older, the setsysinit function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router...
Command injection
In ProLink PRC2402M V1.0.18 and older, the setTR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069localport parameter is passed directly to system...