Lucene search
K

7 matches found

NVD
NVD
added 2022/01/25 4:15 p.m.27 views

CVE-2021-34870

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.521.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue resul...

6.5CVSS0.00895EPSS
Exploits0References2
Prion
Prion
added 2022/01/25 4:15 p.m.19 views

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.521.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue resul...

3.3CVSS6.3AI score0.00895EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/02/12 12:15 a.m.13 views

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...

3.3CVSS6.3AI score0.00989EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2021/02/11 11:35 p.m.58 views

CVE-2020-27863

CVE-2020-27863 affects D-Link DVA-2800 and DSL-2888A routers. The flaw is in the dhttpd service (listening on TCP port 8008 by default) where incorrect string-matching logic when accessing protected pages allows network-adjacent attackers to disclose stored credentials without authentication. The...

6.5CVSS6.2AI score0.00989EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/10/13 5:15 p.m.31 views

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...

3.3CVSS6.3AI score0.00697EPSS
Exploits0References2Affected Software9
Prion
Prion
added 2020/08/25 9:15 p.m.25 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getFileUploadBytes method of the FlashValidatorServiceImpl...

5CVSS7.3AI score0.03217EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/08/25 8:21 p.m.63 views

CVE-2020-15641

CVE-2020-15641 affects Marvell QConvergeConsole 5.5.0.64. The vulnerability is a directory traversal flaw in the getFileUploadBytes method of the FlashValidatorServiceImpl class, caused by insufficient validation of a user-supplied path before file operations. This allows remote attackers to disc...

7.5CVSS7.3AI score0.03217EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder