CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2021/03/29 12:0 a.m.•2 views

TP-Link Archer A7 安全漏洞

Tp-link TP-Link Archer A7 is a wireless router from China P&L Tp-link. A security vulnerability exists in the TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers, which stems from a failure to properly filter IPv6 SSH connections. An attacker could exploit the...

9.3CVSS7.7AI score0.04207EPSS

CVE•added 2021/03/26 5:9 p.m.•76 views

CVE-2020-28695

CVE-2020-28695 affects Askey Fiber Router RTF3505VW-N1, and related models, enabling remote code execution and extraction of admin credentials to log into the Dashboard or SSH as root. The CVE entry describes an unauthenticated path resulting in full device compromise (CVE-2020-28695). Connected ...

8.8CVSS9.1AI score0.00913EPSS

Exploits2References1Affected Software1

CNNVD•added 2021/02/26 12:0 a.m.•3 views

Netgear NETGEAR R7800 Operating System Command Injection Vulnerability

The Netgear NETGEAR R7800 is a wireless router from Netgear, Inc. The NETGEAR R7800 suffers from an operating system command injection vulnerability that originates from the failure to properly validate a user-supplied string before executing a system call using it. An attacker could exploit the...

8.8CVSS7.5AI score0.00557EPSS

Exploits0References4

OSV•added 2021/02/12 12:15 a.m.•0 views

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

8.8CVSS7.1AI score

OSV•added 2021/02/12 12:15 a.m.•0 views

CVE-2020-27867

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit...

6.8CVSS7AI score0.00164EPSS

CNNVD•added 2021/02/07 12:0 a.m.•2 views

Svakom Siime Eye Operating System Command Injection Vulnerability

The Svakom Siime Eye is a smart home device from Svakom, USA. An operating system command injection vulnerability exists in Svakom Siime Eye. The vulnerability stems from a command injection issue in the HOST/IP section of the NFS settings menu of the web server running on the device. Arbitrary...

10CVSS7.4AI score0.04409EPSS

Exploits1References2

OSV•added 2021/02/04 5:15 p.m.•1 views

CVE-2021-1341

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due t...

7.2CVSS6.2AI score

OSV•added 2021/02/04 5:15 p.m.•1 views

CVE-2021-1347

7.2CVSS6.2AI score

7.2CVSS7.4AI score0.00435EPSS

CVE-2021-1329

CVE-2021-1338

7.2CVSS7.4AI score

CVE-2021-1323

7.2CVSS7.4AI score

OSV•added 2021/02/04 5:15 p.m.•1 views

CVE-2021-1293

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP...

9.8CVSS7.9AI score0.06344EPSS

CVE-2020-27872

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 1.2.0.621.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd service, which listens on TCP port 80 by...

8.8CVSS5.5AI score

CNNVD•added 2021/02/03 12:0 a.m.•1 views

Security Vulnerabilities in Multiple Cisco Products

The Cisco RV160, among others, is a router from Cisco in the United States that is used in enterprise environments. A security vulnerability exists in the Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers, which could be exploited by an unauthenticated, remote attacker to...

10CVSS6.2AI score0.01866EPSS

Positive Technologies•added 2021/02/03 12:0 a.m.•1 views

PT-2021-1976 · Cisco · Cisco Small Business Rv082 +5

Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers affected versions not specified Description: The issue is related to insufficient validation of user-supplied input in the web-based management interface, which could...

9CVSS7.1AI score0.00576EPSS

Exploits0References5

CNNVD•added 2021/01/30 12:0 a.m.•2 views

Terramaster TOS 操作系统命令注入漏洞

TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A dynamic class method call vulnerability exists in include/exportUser.php in TerraMaster TOS versions prior to 4.1.29. The vulnerability stems from invalid parameter checking. An attacker can...

10CVSS7.5AI score0.93537EPSS

Exploits1References3

OSV•added 2021/01/13 10:15 p.m.•1 views

CVE-2021-1209

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper...

7.2CVSS7.4AI score

OSV•added 2021/01/13 10:15 p.m.•0 views

CVE-2021-1213

7.2CVSS6.2AI score

OSV•added 2021/01/13 10:15 p.m.•0 views

CVE-2021-1202

7.2CVSS6.2AI score0.00435EPSS