25 matches found
TP-Link Archer C7 安全漏洞
The TP-Link Archer C7 is a router produced by the TP-Link company. The TP-Link Archer C7 Build 20220715 and earlier versions have security vulnerabilities. These vulnerabilities stem from insufficient encryption strength, which may allow password recovery attacks to occur...
CVE-2019-18992
OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" this can occur, for example, on a TP-Link Archer C7 device...
CVE-2019-18993
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI this can occur, for example, on a TP-Link Archer C7 device...
EUVD-2019-8647
Malware in sbrugna...
EUVD-2019-8646
Malware in sbrugna...
EUVD-2024-52014
Malicious code in bioql PyPI...
CVE-2024-53623
Incorrect access control in the component l00.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information...
TP-LINK Archer C7 Access Control Error Vulnerability
The TP-LINK Archer C7 is a wireless router from China P&L TP-LINK. An Access Control Error vulnerability exists in TP-LINK Archer C7 v5, which originates from a faulty access control in component l00.xml, and can be exploited by an attacker to access sensitive information...
CVE-2024-53623
Incorrect access control in the component l00.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information...
CVE-2024-53623
Incorrect access control in the component l00.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information...
CVE-2024-53623
The CVE-2024-53623 issue affects TP-Link ARCHER-C7 router (v5), arising from an access control flaw in the l_0_0.xml component that may allow an attacker to access sensitive information. Reports from PT-2024-9088 confirm v5 as affected and describe a remote access risk. Remediation elements prese...
Metasploit Weekly Wrap-Up
Cloud Fun With EC2 New ground was broken today with the addition of two PRs from community contributor sempervictus, also known as RageLtMan, who added the ability for Metasploit to establish sessions to EC2 instances using Amazon's SSM interface, which provides a public API to execute commands o...
Weak Password Vulnerability in TP-LINK Archer-C7 Router
P&T Technologies Ltd. is a leading global provider of network communication equipment. A weak password vulnerability exists in the Archer-C7 router, which can be exploited by an attacker to log into the system backend and perform unauthorized operations...
DD-WRT 45723 Buffer Overflow
Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...
DD-WRT 45723 - UPNP Buffer Overflow Exploit
Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...
Dutch ISP Ziggo demonstrates how not to inform your customers about a security flaw
“Can you have a look at this email I got, please?" my brother asked. “It looks convincing enough, but I don’t trust it,” he added and forwarded me the email he received from Ziggo, his Internet Service Provider ISP. Shortly after, he informed me that despite its suspicious aura, he found...
CVE-2019-18992
OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" this can occur, for example, on a TP-Link Archer C7 device...
CVE-2019-18993
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI this can occur, for example, on a TP-Link Archer C7 device...
Design/Logic Flaw
OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" this can occur, for example, on a TP-Link Archer C7 device...
Design/Logic Flaw
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI this can occur, for example, on a TP-Link Archer C7 device...