Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-5235

Malware in sbrugna...

8CVSS8AI score0.01472EPSS
Exploits1References5
Prion
Prionadded 2019/06/10 10:29 p.m.29 views

Code injection

Starry Station aka Starry Router sets the Access-Control-Allow-Origin header to "". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device. In this case, a user's Wi-Fi credentials are...

4.3CVSS8.4AI score0.02041EPSS
Exploits1References3
NVD
NVDadded 2019/06/10 10:29 p.m.11 views

CVE-2017-13717

Starry Station aka Starry Router sets the Access-Control-Allow-Origin header to "". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device. In this case, a user's Wi-Fi credentials are...

8.8CVSS8.5AI score0.02041EPSS
Exploits1References3
NVD
NVDadded 2019/06/10 10:29 p.m.10 views

CVE-2017-13718

The HTTP API supported by Starry Station aka Starry Router allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. It was identified that the devi...

8CVSS7.8AI score0.01472EPSS
Exploits1References3
Prion
Prionadded 2019/06/10 10:29 p.m.10 views

Code injection

The HTTP API supported by Starry Station aka Starry Router allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. It was identified that the devi...

6CVSS7.8AI score0.01472EPSS
Exploits1References3
Cvelist
Cvelistadded 2019/06/10 9:35 p.m.15 views

CVE-2017-13717

Starry Station aka Starry Router sets the Access-Control-Allow-Origin header to "". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device. In this case, a user's Wi-Fi credentials are...

8.5AI score0.02041EPSS
Exploits1References3
CVE
CVEadded 2019/06/10 9:35 p.m.48 views

CVE-2017-13717

The CVE-2017-13717 issue affects Starry Station (Starry Router). The product exposes a webserver with Access-Control-Allow-Origin: *, enabling cross-origin requests from any hosted page. This misconfiguration allows an attacker to access device endpoints via the user’s browser, and, as described,...

8.8CVSS8.4AI score0.02041EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2019/06/10 9:31 p.m.65 views

CVE-2017-13718

The CVE-2017-13718 entry concerns Starry Station (Starry Router) and its HTTP API, where an attacker can brute-force the user PIN to alter Wi‑Fi settings, PINs, port forwards, and expose internal ports via the Internet. The root cause appears to be an API surface (rodman Python module) that allow...

8CVSS7.7AI score0.01472EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2019/06/10 9:31 p.m.16 views

CVE-2017-13718

The HTTP API supported by Starry Station aka Starry Router allows brute forcing the PIN setup by the user on the device, and this allows an attacker to change the Wi-Fi settings and PIN, as well as port forward and expose any internal device's port to the Internet. It was identified that the devi...

7.8AI score0.01472EPSS
Exploits1References3
Rows per page
Query Builder