Lucene search
K

86 matches found

Prion
Prion
added 2021/08/06 2:15 p.m.17 views

Command injection

In ProLink PRC2402M V1.0.18 and older, the setsyscmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system...

7.5CVSS9.6AI score0.02621EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/06 2:15 p.m.20 views

Command injection

In ProLink PRC2402M V1.0.18 and older, the setledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the ledcmd parameter is passed directly to dosystem...

7.5CVSS9.6AI score0.02621EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/06 2:15 p.m.14 views

Design/Logic Flaw

In ProLink PRC2402M V1.0.18 and older, the setsysinit function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router...

5CVSS7.6AI score0.01217EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/06 1:19 p.m.25 views

CVE-2021-36708

In ProLink PRC2402M V1.0.18 and older, the setsysinit function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router...

7.8AI score0.01217EPSS
Exploits1References1
CVE
CVE
added 2021/08/06 1:19 p.m.58 views

CVE-2021-36708

ProLink PRC2402M routers (firmware v1.0.18 and earlier) are affected by CVE-2021-36708 due to a flaw in the set_sys_init function of login.cgi. This allows an attacker to reset the admin password on the router’s administrative interface. The connected documents confirm the vulnerable component an...

7.5CVSS7.5AI score0.01217EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/06 1:19 p.m.61 views

CVE-2021-36707

ProLink PRC2402M routers (V1.0.18 and older) are affected by a command-injection in the set_ledonoff function of the adm.cgi binary. The ledonoff page parameter triggers a vulnerability where the led_cmd parameter value is passed directly to do_system, enabling arbitrary command execution. Affect...

9.8CVSS9.6AI score0.02621EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/06 1:19 p.m.23 views

CVE-2021-36707

In ProLink PRC2402M V1.0.18 and older, the setledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the ledcmd parameter is passed directly to dosystem...

9.9AI score0.02621EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/08/06 1:19 p.m.23 views

CVE-2021-36706

In ProLink PRC2402M V1.0.18 and older, the setsyscmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system...

9.9AI score0.02621EPSS
Exploits1References1
CVE
CVE
added 2021/08/06 1:19 p.m.57 views

CVE-2021-36706

ProLink PRC2402M routers (version 1.0.18 and earlier) contain a command injection vulnerability in the adm.cgi page handler set_sys_cmd. The vulnerability is triggered by a sysCMD parameter value that is passed directly to the system() call, allowing an attacker to execute arbitrary commands. Pub...

9.8CVSS9.6AI score0.02621EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/06 1:19 p.m.24 views

CVE-2021-36705

In ProLink PRC2402M V1.0.18 and older, the setTR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069localport parameter is passed directly to system...

9.9AI score0.02621EPSS
Exploits1References1
CVE
CVE
added 2021/08/06 1:19 p.m.56 views

CVE-2021-36705

CVE-2021-36705 affects ProLink PRC2402M (V1.0.18 and older). The vulnerability is in the set_TR069 function of the adm.cgi binary, where the TR069 parameter TR069_local_port is passed directly to system, enabling a command injection. This is a network-accessible issue with high impact as describe...

9.8CVSS9.6AI score0.02621EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.5 views

ProLink PRC2402M 授权问题漏洞

ProLink PRC2402M is a router from ProLink Singapore. An information disclosure vulnerability exists in the setsysinit function in the login.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to reset the password in the administrator interfac...

7.5CVSS5.6AI score0.01217EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.6 views

ProLink PRC2402M 命令注入漏洞

ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setTR069 function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the TR069localport...

9.8CVSS5.7AI score0.02621EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.6 views

ProLink PRC2402M 命令注入漏洞

ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setsyscmd function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker could exploit this vulnerability to cause command injection by passing the command paramete...

9.8CVSS5.7AI score0.02621EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.6 views

ProLink PRC2402M 命令注入漏洞

ProLink PRC2402M is a router from ProLink Singapore. A command injection vulnerability exists in the setledonoff function in the adm.cgi binary file of ProLink PRC2402M 1.0.18 and prior versions. An attacker can exploit this vulnerability to cause command injection by passing the ledcmd parameter...

9.8CVSS5.7AI score0.02621EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2016/01/21 12:21 p.m.12 views

prolink-usa.com XSS vulnerability

Vulnerable URL: http://www.prolink-usa.com/productDetail.php?productname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2350953 Google...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/10/15 12:0 a.m.39 views

PROLiNK H5004NK Backdoor Accounts / RBAC Failure / CSRF

Exploit Title: PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Discovered by: Karn Ganeshen Reported on: October 13, 2015 Vendor Response: No process to handle vuln reports Vendor Homepage: http://www.prolink2u.com/newtemp/datacom/adsl-modem-router/381-h5004nk.html Version Affected:...

0.5AI score
Exploits0
0day.today
0day.today
added 2015/10/15 12:0 a.m.49 views

PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Discovered by: Karn Ganeshen Reported on: October 13, 2015 Vendor Response: No process to handle vuln reports Vendor Homepage:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/10/15 12:0 a.m.35 views

PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities

PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities Exploit Title: PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Discovered by: Karn Ganeshen Reported on: October 13, 2015 Vendor Response: No process to handle vuln reports Vendor Homepage:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/04/21 12:0 a.m.27 views

PROLiNK H5004NK Cross Site Request Forgery

Exploit Title: PROLiNK H5004NK Multiple Vulnerabilities Date: 16-04-2015 Firmware: R76S Slt 4WNE1 6.1R Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Disclaimer: Use this for educational purposes only! 1| Admin Password Manipulation XSRF...

0.6AI score
Exploits0
Rows per page
Query Builder