22 matches found
EUVD-2018-7433
Malware in sbrugna...
EUVD-2018-7432
Malware in sbrugna...
EUVD-2022-43070
Malicious code in bioql PyPI...
CVE-2025-44619
Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
H3C GR-5400AX 安全漏洞
The H3C GR-5400AX is an enterprise Wi-Fi 6 wireless controller from China's Xinhua San H3C. A security vulnerability exists in the H3C GR-5400AX 100R008 and prior versions, which stems from a buffer overflow due to incorrect manipulation of the parameter param in file/goform/aspForm...
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
Code injection
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3713
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall releases older than version 19.5 GA...
PT-2022-23827 · Sophos · Sophos Firewall
Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 19.5 GA Description: A code injection issue allows adjacent attackers to execute code in the Wifi controller. Recommendations: For versions prior to 19.5 GA, update to version 19.5 GA or later to resolve the...
Sophos Firewall 代码注入漏洞
Sophos Firewall is a firewall from Sophos UK. A code injection vulnerability exists in versions prior to Sophos Firewall 19.5GA, which stems from an adjacent attacker being able to execute code in its Wifi controller via code injection implementation...
CVE-2022-3713
CVE-2022-3713 affects Sophos Firewall pre-19.5 GA. An adjacent attacker can inject code into the Wifi controller, with CVSSv3.1: AV Adjacent, AC Low, PR None, UI None, S Unchanged, C/H/I/A High (base 8.8). Exploitation is described as requiring no user interaction. Remediation per sources is to u...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
Default credentials
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15556
CVE-2018-15556 affects the Quantenna WiFi Controller in Telus Actiontec WEB6000Q (firmware v1.1.02.22). An attacker can log in as root with an empty password via the onboard UART headers, enabling full shell access. Public PoC material exists (PacketStorm/full disclosure) describing UART-based pr...