CVE-2024-33700

The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers to cause a denial of service through a series of malformed FTP commands. This can lead to device reboots and service disruption...

CVE-2024-33623

A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2024-28052

The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while aiming to be easy to configure and operate. In addition to providing a WiFi access point, the device serves as a 4-port wired router and implements a variety of...

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

CVE-2024-33699

The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password...

CVE-2024-33699

The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password...

CVE-2024-33603

CVE-2024-33603 affects LevelOne WBR-6012 router. Cisco Talos (TALOS-2024-1985) documents an information-disclosure flaw in the web application: unauthenticated users can access the verbose system log page (syslog2.htm), exposing sensitive data such as memory addresses, debug messages, and login-a...

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

CVE-2024-28052

The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while aiming to be easy to configure and operate. In addition to providing a WiFi access point, the device serves as a 4-port wired router and implements a variety of...

CVE-2024-28052

The CVE-2024-28052 entry concerns LevelOne WBR-6012, a wireless SOHO router. Talos reports a buffer overflow in the Web Application when handling HTTP POST requests with a URI length of 1454+ characters that do not start with /upn or /upg, causing a crash/reboot and potential access to a backdoor...

CVE-2024-28052

The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while aiming to be easy to configure and operate. In addition to providing a WiFi access point, the device serves as a 4-port wired router and implements a variety of...

LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability

Talos Vulnerability Report TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery CSRF vulnerability October 30, 2024 CVE Number CVE-2024-24777 SUMMARY A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e...

LevelOne WBR-6012 Web Application authentication bypass vulnerability

Talos Vulnerability Report TALOS-2024-1996 LevelOne WBR-6012 Web Application authentication bypass vulnerability October 30, 2024 CVE Number CVE-2024-23309 SUMMARY The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance ...

LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability October 30, 2024 CVE Number CVE-2024-32946 SUMMARY A vulnerability in the LevelOne WBR-6012 router’s firmware version R0.40e6 allows sensitive information to be transmitted in cleartext v...

PT-2024-25385 · Levelone · Levelone Wbr-6012

Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 router affected versions not specified Description: The issue concerns a vulnerability within the web application of the router, allowing unauthenticated disclosure of sensitive information. This includes the WiFi WPS PIN,...

LevelOne WBR-6012 跨站请求伪造漏洞

The LevelOne WBR-6012 is a wireless router from LevelOne. The LevelOne WBR-6012 suffers from a cross-site request forgery vulnerability that stems from a cross-site request forgery CSRF vulnerability in a web application function...