Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNVD
CNVDadded 2020/01/15 12:0 a.m.1 views

Billion Smart Energy Router SG600R2 Command Execution Vulnerability

The Billion Smart Energy Router SG600R2 is a router device. A security vulnerability exists in the Billion Smart Energy Router SG600R2 using firmware version 3.02.rc6. The vulnerability can be exploited to gain root execute privileges with the help of a hidden etcro/web/adm/systemcommand.asp shel...

9CVSS7.3AI score0.00653EPSS
Exploits1References1
NVD
NVDadded 2020/01/09 5:15 p.m.13 views

CVE-2019-14919

An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...

7.8CVSS7.6AI score0.00234EPSS
Exploits1References1
OSV
OSVadded 2020/01/09 5:15 p.m.0 views

CVE-2019-14920

Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etcro/web/adm/systemcommand.asp shell feature...

8.8CVSS7.4AI score
Exploits0References1
OSV
OSVadded 2020/01/09 5:15 p.m.2 views

CVE-2019-14919

An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device...

7.8CVSS7.2AI score0.00234EPSS
Exploits1References1
OSV
OSVadded 2020/01/09 5:15 p.m.0 views

CVE-2019-14918

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...

5.4CVSS6.5AI score
Exploits0References1
NVD
NVDadded 2020/01/09 5:15 p.m.12 views

CVE-2019-14918

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...

5.4CVSS5.7AI score0.00186EPSS
Exploits1References1
Prion
Prionadded 2020/01/09 5:15 p.m.17 views

Design/Logic Flaw

Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etcro/web/adm/systemcommand.asp shell feature...

9CVSS8.6AI score0.00653EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2020/01/09 4:24 p.m.15 views

CVE-2019-14920

Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etcro/web/adm/systemcommand.asp shell feature...

8.8AI score0.00653EPSS
Exploits1References1
Rows per page
Query Builder