35 matches found
EUVD-2021-12223
Malware in sbrugna...
EUVD-2021-12224
Malware in sbrugna...
EUVD-2021-28870
Malicious code in bioql PyPI...
EUVD-2021-28871
Malicious code in bioql PyPI...
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...
CVE-2021-25327
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery CSRF vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting XSS...
CVE-2021-25326
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/testversion.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed...
CVE-2021-41872
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...
Denial of service
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...
CVE-2021-41872
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...
Skyworth Digital Penguin Aurora Box 安全漏洞
The Skyworth Digital Penguin Aurora Box is a high-end network HD set-top box from Skyworth Digital, a Chinese company, produced by Tencent Video in collaboration with Skyworth Digital. A security vulnerability exists in the Skyworth Digital Penguin Aurora Box, which originates from a denial of...
CVE-2021-41873
CVE-2021-41873 concerns Penguin Aurora TV Box 41502 (a high-end network HD set-top box by Tencent Video/Skyworth Digital). Connected sources corroborate an unauthorized access vulnerability that lets an attacker use a specific link to remotely control the TV. The NVD entry lists a very high CVSS ...
Skyworth Digital Technology RN510 Buffer Overflow Vulnerability
The RN510 is a dual-band wireless AC2100 access point from Skyworth Digital Technology. A buffer overflow vulnerability exists in /cgi-bin/app-staticIP.asp in the Skyworth Digital Technology RN510 version V.3.1.0.4. An attacker could exploit this vulnerability by sending a specially crafted reque...
Skyworth Digital Technology RN510 Cross-Site Request Forgery Vulnerability
The RN510 is a dual-band wireless AC2100 access point from Skyworth Digital Technology. A cross-site request forgery vulnerability exists in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp in the Skyworth Digital Technology RN510 version V.3.1.0.4. No detailed vulnerability details are...
Skyworth Digital Technology RN510 Access Control Error Vulnerability
The RN510 is a dual-band wireless AC2100 access point from Skyworth Digital Technology. An access control error vulnerability exists in /cgi-bin/testversion.asp in the Skyworth Digital Technology RN510 version V.3.1.0.4. An attacker can exploit the vulnerability to obtain the SSID password and We...
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...
CVE-2021-25327
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery CSRF vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting XSS...
Buffer overflow
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...
Cross site request forgery (csrf)
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery CSRF vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting XSS...
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...