8 matches found
CVE-2026-24934 An improper certificate validation vulnerability was found in ADM while querying an external server for the device's WAN IP address.
The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...
EUVD-2017-18419
Malware in sbrugna...
CVE-2025-11292
A weakness has been identified in Belkin F9K1015 1.00.10. Affected is an unknown function of the file /goform/formBSSetSitesurvey. Executing a manipulation of the argument wanipaddr can lead to command injection. The attack can be launched remotely. The exploit has been made available to the publ...
Belkin F9K1015 安全漏洞
Belkin F9K1015 is a WiFi signal extender from Belkin Canada. A security vulnerability exists in the Belkin F9K1015 version 1.00.10, which stems from the incorrect manipulation of the parameter mwanipaddr in the file /goform/formSetWanStatic, which could lead to a command injection attack...
Belkin F9K1122 命令注入漏洞
The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a command injection vulnerability that originates from the incorrect operation of the parameters wanipaddr/wannetmask/wangateway/wlssid in the file /goform/formBSSetSitesurvey. An attacker can exploit this vulnerability...
CVE-2019-16651
An issue was discovered on Virgin Media Super Hub 3 based on ARRIS TG2492 devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebinding to leak the WAN IP address of a user if they are using certain VPN implementations, this would...
Command injection
An issue was discovered on Virgin Media Super Hub 3 based on ARRIS TG2492 devices. Because their SNMP commands have insufficient protection mechanisms, it is possible to use JavaScript and DNS rebinding to leak the WAN IP address of a user if they are using certain VPN implementations, this would...
Authentication flaw
The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests...