EUVD-2022-41352

Malicious code in bioql PyPI...

CVE-2021-3774

Meross Smart Wi-Fi 2 Way Wall Switch MSS550X, on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the password configured by the user from Meross app...

CVE-2022-47052

CVE-2022-47052 affects NETGEAR Nighthawk R6220 AC1200 Smart Wi‑Fi Router. The web interface is vulnerable to a CRLF Injection that enables Reflected XSS and HTML Injection when a malicious, unauthenticated user requests a specially crafted URL. Impact is described as low confidentiality and integ...

CVE-2022-38789

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference...

CVE-2022-38789

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference...

Design/Logic Flaw

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference...

CVE-2022-38789

An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference...

CVE-2022-38789

CVE-2022-38789 affects Airties Smart Wi‑Fi devices released before 2020-08-04. The issue stems from an Insecure Direct Object Reference that lets an attacker change the main/guest SSID and PSK to arbitrary values and map the LAN. Multiple sources (NVD/Red Hat entry, CN/PRION/PTSecurity summaries)...

PT-2022-24568 · Airties · Airties Smart Wi-Fi

Name of the Vulnerable Software and Affected Versions: Airties Smart Wi-Fi versions prior to 2020-08-04 Description: The issue allows attackers to change the main/guest SSID and the PSK to arbitrary values and map the LAN due to Insecure Direct Object Reference. Recommendations: For versions prio...

Cross site request forgery (csrf)

Meross Smart Wi-Fi 2 Way Wall Switch MSS550X, on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the password configured by the user from Meross app...

Weak Password Vulnerability in Anet-Smart Wi-Fi Gateway System

hereinafter referred to as AnNet Communications is a solution provider focusing on the research, development, production, sales and service of network communication equipment based on IP technology, providing users with network security, routers, switches, firewalls, wireless AP coverage and othe...

Linksys Smart Wi-Fi routers suffer from weak password vulnerability

Smart Wi-Fi is a router product from Linksys. Linksys Smart Wi-Fi routers have a weak password vulnerability that can be exploited by an attacker to directly log in to the router's management backend to control the device...

Attacks on Linksys Routers Trigger Mass Password Reset

UPDATE Home Linksys router users were targeted in a cyberattack that changed router settings, and redirected requests for specific webpages and domains to malicious Coronavirus-themed landing pages that were booby-trapped with malware. Researchers identified the attack last month, and earlier thi...

Authentication flaw

On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. Th...

CVE-2019-18980

The CVE describes an authentication-less control API on Signify Philips Taolight Smart Wi‑Fi Wiz Connected LED Bulb 9290022656. A remote attacker with network access can operate the bulb: turn it on/off, adjust color, or change brightness, due to no authentication or encryption on the control API...

Linksys Smart Wi-Fi Web Interface Detection

Binary data linksyssmartwifiwwwdetect.nbin...

Linksys Smart Wi-Fi Router Default Credentials

Nessus has detected that the remote Linksys Smart Wi-Fi Router device has default credentials set for its web administration interface 'admin'/'admin'. An attacker can exploit this to gain administrative access to the affected device. C Tenable Network Security, Inc. include"compat.inc"; if...

Linksys Smart Wi-Fi Safe from Home Router Flaws; Classic Configuration Vulnerable

Cisco clarified today that its Linksys EA2700 home routers running the new Smart Wi-Fi firmware released last June are immune to vulnerabilities disclosed this week by a researcher. EA2700 routers, however, that are still running on the classic EA2700 configuration remain vulnerable to a host of...