11 matches found
EUVD-2018-7433
Malware in sbrugna...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, Inc. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection and could lead to arbitrary command...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
Default credentials
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
Code injection
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15556
CVE-2018-15556 affects the Quantenna WiFi Controller in Telus Actiontec WEB6000Q (firmware v1.1.02.22). An attacker can log in as root with an empty password via the onboard UART headers, enabling full shell access. Public PoC material exists (PacketStorm/full disclosure) describing UART-based pr...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15557
CVE-2018-15557 affects the Quantenna WiFi Controller in Telus Actiontec WEB6000Q devices (firmware v1.1.02.22). The issue allows an attacker with access to the 169.254.1.0/24 link-local subnet to obtain root by connecting to 169.254.1.2 on TCP port 23 (telnet/netcat). Documents corroborate a priv...