EUVD-2019-15848

Malware in sbrugna...

CVE-2019-1010136

ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Router's are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only...

Design/Logic Flaw

ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Router's are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only...

CVE-2019-1010136

ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access Control - Unauthenticated Remote Reboot. The impact is: PLC Wireless Router's are vulnerable to an unauthenticated remote reboot due. The component is: Reboot settings are available to unauthenticated users instead of only...

CVE-2019-1010136

CVE-2019-1010136 affects ChinaMobile GPN2.4P21-C-CN W2001EN-00. The root cause is Incorrect Access Control, enabling Unauthenticated Remote Reboot. Reboot settings are accessible to unauthenticated users, enabling a Remote attack vector. No remediation details are provided in the connected docume...

CVE-2019-6282

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have CSRF via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password...

CVE-2019-6282

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have CSRF via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password...

CVE-2019-6279

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password...

Improper access control

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password...

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Cross-Site Request Forgery CSRF Date: 14/01/2019 Exploit Author: Kumar Saurav Reference:...

PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control Exploit

Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile...

PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Date: 14/01/2019 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-C...

PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Date: 14/01/2019 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-C...

PLC Wireless Router GPN2.4P21-C-CN Cross Site Request Forgery

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Cross-Site Request Forgery CSRF Date: 14/01/2019 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-cross-site-request-forgery-csrf/ Vendor: ChinaMobile Category: Hardware Version:...

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery Exploit

Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Cross-Site Request Forgery CSRF Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-cross-site-request-forgery-csrf/ Vendo...

CVE-2019-6282

The CVE-2019-6282 issue affects ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices running firmware W2001EN-00. The vulnerability is CSRF through the URI cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity, enabling an attacker to change the Wireless Security Password. Public exploit r...

CVE-2019-6279

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 suffer an Incorrect Access Control vulnerability exposed via cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity, enabling an attacker to change the wireless password. Root cause: improper access control on the...

CVE-2018-20326

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter...

CVE-2018-20326

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter...

Design/Logic Flaw

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter...