32 matches found
CVE-2019-16340
Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfojson.cgi URI...
EUVD-2019-7117
Malware in sbrugna...
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 WHW01v1 1.1.13.202617 allows attackers to escalate privileges from Guest to root...
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...
CVE-2018-17208
Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface. This occurs because shell...
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...
CVE-2024-40750
CVE-2024-40750 concerns Linksys Velop Pro 6E devices (versions 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314). The issue is that during app-based installation, cleartext Wi‑Fi passwords are transmitted over the public Internet. Root cause details are not fully specified in the provided documents,...
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...
Linksys Velop Pro 6E Security Vulnerability
The Linksys Velop Pro 6E is a wireless router from Linksys. A security vulnerability exists in Linksys Velop Pro 6E versions 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314, which originates from a plaintext Wi-Fi password being sent over the public Internet during an application-based installation...
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...
PT-2024-29027 · Linksys · Linksys Velop Pro 6E
Name of the Vulnerable Software and Affected Versions: Linksys Velop Pro 6E version 1.0.8 Linksys Velop Pro 6E version 1.0.10.215314 Description: The issue concerns Linksys Velop Pro 6E devices sending cleartext Wi-Fi passwords over the public Internet during app-based installation...
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 WHW01v1 1.1.13.202617 allows attackers to escalate privileges from Guest to root...
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 WHW01v1 1.1.13.202617 allows attackers to escalate privileges from Guest to root...
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 WHW01v1 1.1.13.202617 allows attackers to escalate privileges from Guest to root...
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 WHW01v1 1.1.13.202617 allows attackers to escalate privileges from Guest to root...
Linksys Velop WiFi Security Breach
Linksys Velop WiFi is a router from Linksys USA. A security vulnerability exists in Linksys Velop WiFi version 5 WHW01v1 1.1.13.202617, which originated from a vulnerability that allows an attacker to elevate privileges from Guest to root via directory traversal...
CVE-2024-36821
CVE-2024-36821 affects Linksys Velop WiFi 5 (WHW01v1) with firmware 1.1.13.202617. The Red Hat and NVD entries describe insecure permissions that permit escalation from Guest to root, indicating a privilege-escalation vulnerability. The exact vulnerable component is a permissions/authorization is...
PT-2024-27170 · Linksys · Linksys Velop Wifi 5
Name of the Vulnerable Software and Affected Versions: Linksys Velop WiFi 5 WHW01v1 version 1.1.13.202617 Description: The issue is related to insecure permissions, allowing attackers to escalate privileges from Guest to root. Recommendations: For version 1.1.13.202617, at the moment, there is no...
GSD-2021-1000002 Local DoS in Velop version 2.1.13.200506 - unknown
In Linksys Velop version 2.1.13.200506 - unknown a Local DoS exists in the MQTT stack that can be attacked via Local network access resulting in Denial of Service...