CVE-2018-12694

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service reboot via data/reboot.json...

EUVD-2019-9124

Malware in sbrugna...

EUVD-2016-1857

Malware in sbrugna...

EUVD-2020-3322

Malware in sbrugna...

EUVD-2022-28055

Malicious code in bioql PyPI...

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the ssid parameter in the setWiFiExtenderConfig function...

CVE-2016-10863

Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure...

TOTOLINK EX1800T Buffer Overflow Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a buffer overflow vulnerability that originates from the parameter loginpass failing to properly validate the length size of the input data, which can be exploited by an attack...

Denial of service

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot...

CVE-2020-10916

The CVE-2020-10916 issue affects TP-Link TL-WA855RE Wi‑Fi extenders (firmware 855rev4-up-ver1-0-1-P1). The root cause is improper validation during the first-time setup flow, enabling a network-adjacent attacker to bypass authentication, reset the Admin password, and execute code on the device. M...

TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

TP-Link Wi-Fi extender User-Agent Header Injection CVE-2019-7406

A pre-authentication command injection vulnerability in TP-Link Wi-Fi extenders allows commands to be executed as root. The injection occurs when the User-Agent header of a request is passed to an execve system call. TP-Link RE365 Wi-Fi extender with firmware version 1.0.2, build 20180213 Rel...

CVE-2016-10863

Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure...

Cross site request forgery (csrf)

Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure...

CVE-2016-10863

Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure...

CVE-2016-10863

The CVE-2016-10863 entry concerns Edimax Wi‑Fi Extender devices affected by a CSRF vulnerability via the web endpoint goform/formwlencryptvxd, which can disclose the PSK key. The issue is rooted in a cross-site request forgery vulnerability in the device’s WEB application, enabling an attacker to...

TP-Link Wi-Fi extender remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

WiFi extender can enlarge the WiFi signal, mainly used for large or multi-storey residential, and the router signal can not cover the family's case. The extender's principle is from the main router to get a WiFi signal, and broadcast channel other WiFi signal weak or no signal area. IBM X-Force...

CVE-2015-5536

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the 1 subdir parameter in a formUSBStorage request; pinCode parameter in a 2 formWpsStart or 3 formiNICWpsStart request; 4 wpsenroleepin parameter in a...

Belkin N300 Dual-Band Wi-Fi Range Extender formWlanSetupWPS wps_enrolee_pin Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Belkin N300 Dual-Band Wi-Fi Range Extender. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of formWlanSetupWPS requests. It is possible to...

Belkin N300 Dual-Band Wi-Fi Range Extender formUSBStorage Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Belkin N300 Dual-Band Wi-Fi Range Extender. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of formUSBStorage requests. It is possible to inje...