CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

EZVIZ CS Series Buffer Error Vulnerability

EZVIZ CS Series is a series of cameras from the Chinese company EZVIZ. A security vulnerability exists in the EZVIZ CS Series that originates from two stack buffer overflows in the netClientSetWlanCfg function of the ZVIZ SDK Command Server, which allows remote code execution by an authenticated...

CVE-2022-20398

In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to configure Wi-Fi due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Design/Logic Flaw

Ring formerly DoorBot video doorbells allow remote attackers to obtain sensitive information about the wireless network configuration by pressing the set up button and leveraging an API in the GainSpan Wi-Fi module...

XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery Vulnerability

XFINITY Gateway Technicolor DPC3941T wifi password changing cross site request forgery proof of concept code. Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The...

XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery

Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Date: 12/12/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to CSRF and has no security on the entire admin panel for it...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...