5 matches found
CVE-2020-11926
CVE-2020-11926 affects Luvion Grand Elite 3 Connect (through 2020-02-25). The issue allows a client to authenticate with a username/password, with credentials retrievable via an unauthenticated web request (e.g., a JavaScript file). The disclosure also includes the deviceβs WiβFi SSID and WPA2 ke...
PT-2024-13350 Β· Mercusys Β· Mercusys Mw325R
Name of the Vulnerable Software and Affected Versions: Mercusys MW325R EU V3 version 1.11.0 221019 Description: An issue allows a WAN attacker to make the admin interface unreachable via an unauthenticated HTTP request. The verification of user data does not occur, and the web server remains...
Cross site request forgery (csrf)
Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request...
CVE-2019-11076
Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request...
Denial of service
An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticate...