102 matches found
PT-2025-23523 · Sitecom · Sitecom Wlx-2006
Name of the Vulnerable Software and Affected Versions: Sitecom WLX-2006 Wall Mount Range Extender N300 versions 1.5 and before Description: A Local File Inclusion LFI issue exists, which allows an attacker to manipulate the language cookie to include arbitrary files from the server. This can be...
CVE-2024-40114
A Cross Site Scripting XSS vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code...
CVE-2024-40112
CVE-2024-40112 affects Sitecom WLX-2006 Wall Mount Range Extender N300 (v1.5 and earlier). The issue is a Local File Inclusion (LFI) caused by mishandling of the language cookie, allowing an attacker to include arbitrary server files and disclose sensitive information. Root cause: improper langua...
PT-2025-23524 · Sitecom · Sitecom Wlx-2006
Name of the Vulnerable Software and Affected Versions: Sitecom WLX-2006 Wall Mount Range Extender N300 versions 1.5 and earlier Description: The issue concerns the use of default credentials in the Sitecom WLX-2006 Wall Mount Range Extender N300. This allows unauthorized access to the device. No...
Sitecom WLX-2006 Wall Mount Range Extender N300 安全漏洞
The Sitecom WLX-2006 Wall Mount Range Extender N300 is a wall mount range extender from Sitecom. A security vulnerability exists in the Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and earlier versions that stems from the use of default credentials...
CVE-2024-40114
CVE-2024-40114 targets Sitecom WLX-2006 Wall Mount Range Extender N300, with a root cause of improper manipulation of the language cookie enabling cross-site scripting (XSS). Affected versions are v1.5 and earlier. The documented impact is that an attacker can inject malicious JavaScript by manip...
CVE-2024-40113
Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials...
CVE-2024-40112
A Local File Inclusion LFI vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before, which allows an attacker to manipulate the "language" cookie to include arbitrary files from the server. This vulnerability can be exploited to disclose sensitive information...
Sitecom WLX-2006 Wall Mount Range Extender N300 跨站脚本漏洞
The Sitecom WLX-2006 Wall Mount Range Extender N300 is a wall mount range extender from Sitecom. A security vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and earlier versions, which stems from improper manipulation of a language cookie and could lead to a cross-site...
PT-2025-23525 · Sitecom · Sitecom Wlx-2006
Name of the Vulnerable Software and Affected Versions: Sitecom WLX-2006 Wall Mount Range Extender N300 versions 1.5 and earlier Description: A Cross Site Scripting XSS issue allows an attacker to manipulate the language cookie to inject malicious JavaScript code. Recommendations: For versions 1.5...
CVE-2012-1922
Multiple cross-site request forgery CSRF vulnerabilities in Sitecom WLM-2501 allow remote attackers to hijack the authentication of administrators for requests that modify settings for 1 Mac Filtering via admin/formFilter, 2 IP/Port Filtering via formFilter, 3 Port Forwarding via formPortFw, 4...
CVE-2012-1921
Cross-site request forgery CSRF vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote attackers to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter...
Sitecom-MD-25x
Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version: 2.4.17 and below...
Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure
No description provided by source. Updated to include Sitecom MD-253 and MD254 Minor textual changes == Conceptronic Grab’n’Go and Sitecom Storage Center - Password disclosure Vulnerability - Security Advisory AA-002 Severity Rating: High Discovery Date: May 5, 2012 Vendor Notification: May 31,...
Sitecom WLM-2501 CSRF Vulnerabilities
No description provided by source. +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Sitecom WLM-2501 Change Wireless Passphrase Date : 13-03-2012 Author : Ivano Binetti http://www.ivanobinetti.com...
Sitecom N300/N600 Devices - Multiple Vulnerabilities
No description provided by source. Multiple vulnerabilities on Sitecom N300/N600 devices ===================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities on Sitecom N300/N600 devices Discovery date: 01/06/2013 Release date: 19/08/2013 Credits: Roberto...
Sitecom WLM-2501 new Multiple CSRF Vulnerabilities
No description provided by source. +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Sitecom WLM-2501 new Multiple CSRF Vulnerabilities Date : 22-03-2012 Author : Ivano Binetti...
Sitecom Home Storage Center Directory Traversal
No description provided by source...
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
No description provided by source. !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...
Sitecom Home Storage Center Auth Bypass Vulnerability
No description provided by source...