CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

MediaTek wappd buffer overflow

Added: 09/30/2024 Background MediaTek Wi-Fi chipsets and SoftAP driver bundles include wappd , a network daemon responsible for configuring and managing wireless interfaces and access points. Problem A buffer overflow in wappd could allow remote code execution on a large variety of devices...

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

CVE-2024-25735

WyreStorm Apollo VX20 devices prior to version 1.3.58 expose cleartext credentials via an HTTP GET on the SoftAP router endpoint /device/config. This is an information-disclosure/authentication- bypass issue affecting the web interface/config component; remote attackers can retrieve credentials w...

PT-2024-4077 · Wyrestorm · Wyrestorm Apollo Vx20

Name of the Vulnerable Software and Affected Versions: WyreStorm Apollo VX20 versions prior to 1.3.58 Description: An issue allows remote attackers to discover cleartext passwords via a SoftAP "GET /device/config" request. This is due to a lack of encrypted confidential data. Recommendations: For...

CVE-2022-20535

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2022-20200

In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20200

In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2022-14429 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L Description: The issue is related to a possible leak of hotspot state due to a missing permission check in the updateApState function of SoftApManager.java. This could lead to local information disclosure with no...

CVE-2017-2873

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting...

CVE-2017-2873

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration resulting...

Foscam IP Video Camera CGIProxy.fcgi SoftAP Configuration Command Injection Vulnerability(CVE-2017-2873)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration...

Foscam IP Video Camera CGIProxy.fcgi SoftAP Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration...

Samsung SoftAP Weak Password Vulnerability

Samsung's SoftAP WPA2-PSK password generation is weak and can be cracked in a few hours. ================================================================ Samsung softap weak random generated password This affects SmartTV and Printers ===============================================================...