Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/02/03 2:26 a.m.34 views

CVE-2026-24934 An improper certificate validation vulnerability was found in ADM while querying an external server for the device's WAN IP address.

The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...

6.3CVSS0.00156EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18419

Malware in sbrugna...

5.9CVSS5.9AI score0.01166EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2025/10/05 2:2 p.m.4 views

CVE-2025-11292

A weakness has been identified in Belkin F9K1015 1.00.10. Affected is an unknown function of the file /goform/formBSSetSitesurvey. Executing a manipulation of the argument wanipaddr can lead to command injection. The attack can be launched remotely. The exploit has been made available to the publ...

8.8CVSS5.4AI score0.06796EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/10/05 12:0 a.m.6 views

Belkin F9K1015 安全漏洞

Belkin F9K1015 is a WiFi signal extender from Belkin Canada. A security vulnerability exists in the Belkin F9K1015 version 1.00.10, which stems from the incorrect manipulation of the parameter mwanipaddr in the file /goform/formSetWanStatic, which could lead to a command injection attack...

8.8CVSS6.8AI score0.06796EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/06 12:0 a.m.7 views

Belkin F9K1122 命令注入漏洞

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a command injection vulnerability that originates from the incorrect operation of the parameters wanipaddr/wannetmask/wangateway/wlssid in the file /goform/formBSSetSitesurvey. An attacker can exploit this vulnerability...

8.8CVSS8AI score0.13474EPSS
Exploits1References6
NVD
NVD
added 2021/09/20 2:15 p.m.21 views

CVE-2019-16651

An issue was discovered on Virgin Media Super Hub 3 based on ARRIS TG2492 devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebinding to leak the WAN IP address of a user if they are using certain VPN implementations, this would...

5.3CVSS0.01109EPSS
Exploits1References2
Prion
Prion
added 2021/09/20 2:15 p.m.15 views

Command injection

An issue was discovered on Virgin Media Super Hub 3 based on ARRIS TG2492 devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebinding to leak the WAN IP address of a user if they are using certain VPN implementations, this would...

5CVSS5.3AI score0.01109EPSS
Exploits1References2
Prion
Prion
added 2013/11/30 11:43 a.m.15 views

Authentication flaw

The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests...

5.8CVSS7.6AI score0.01227EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder