CVE-2020-12106

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

EUVD-2020-4422

Malware in sbrugna...

EUVD-2020-4423

Malware in sbrugna...

CVE-2020-12107

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System...

CVE-2020-12107

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System...

CVE-2020-12106

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

CVE-2020-12107

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System...

CVE-2020-12106

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

Command injection

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System...

Design/Logic Flaw

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

CVE-2020-12107

CVE-2020-12107 affects VPNCrypt M10 2.6.5: the Web portal of the WiFi module allows command injection via a text field, enabling full control over the module’s operating system. Reported CVSS v3.1 base score 9.8 (NETWORK, LOW complexity, PR NONE, UI NONE) with high impact on confidentiality, inte...

CVE-2020-12107

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System...

CVE-2020-12106

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point...

CVE-2020-12106

CVE-2020-12106 affects VPNCrypt M10 2.6.5: the Web portal allows unauthenticated HTTP POST requests to multiple administrative actions (e.g., changing Administrator credentials or connecting the device to a rogue access point). Red Hat and NVD entries corroborate unauthenticated remote access to ...