CVE-2026-27846

Due to missing authentication, a user with physical access to the device can misuse the mesh functionality for adding a new mesh device to the network to gain access to sensitive information, including the password for admin access to the web interface and the Wi-Fi passwords.This issue affects...

PT-2026-21925

Name of the Vulnerable Software and Affected Versions Linksys MR9600 version 1.0.4.205530 Linksys MX4200 version 1.0.13.210200 Description A lack of proper authentication allows a user with physical access to the device to misuse the mesh functionality. This can lead to gaining access to sensitiv...

CVE-2020-37093 Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak

Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...

EUVD-2016-2654

Malware in sbrugna...

EUVD-2020-28006

Malware in sbrugna...

Intelbras IWR 3000N 安全漏洞

Intelbras IWR 3000N is a wireless router from Intelbras, Brazil. A security vulnerability exists in Intelbras IWR 3000N version 1.9.8, which originates from the explicit storage of Wi-Fi passwords and could lead to password disclosure...

GNCC GC2 安全漏洞

The GNCC GC2 is an indoor security camera from GNCC. A security vulnerability exists in the GNCC GC2 that stems from the ability to read WiFi passwords via the UART debug port...

PT-2024-29027 · Linksys · Linksys Velop Pro 6E

Name of the Vulnerable Software and Affected Versions: Linksys Velop Pro 6E version 1.0.8 Linksys Velop Pro 6E version 1.0.10.215314 Description: The issue concerns Linksys Velop Pro 6E devices sending cleartext Wi-Fi passwords over the public Internet during app-based installation...

PT-2024-14372 · D Link · D-Link Covr 1100 +2

Name of the Vulnerable Software and Affected Versions: D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band Whole-Home Mesh Wi-Fi System Hardware Rev B1 Description: The issue truncates Wireless Access Point Passwords WPA-PSK, allowing an attacker to gain unauthorized network access via weak...

CVE-2024-20324

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and sho...

CVE-2023-46978

TOTOLINK X6000R V9.4.0cu.852B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication...

SUSE CVE-2011-3177

The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks...

CVE-2022-35122

An access control issue in Ecowitt GW1100 Series Weather Stations =GW1100Bv2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords...

CVE-2022-35122

An access control issue in Ecowitt GW1100 Series Weather Stations =GW1100Bv2.1.5 allows unauthenticated attackers to access sensitive information including device and local WiFi passwords...

Ecowitt GW1100 Series Weather Stations 访问控制错误漏洞

Ecowitt GW1100 Series Weather Stations is a wireless WIFI weather station gateway with temperature, humidity and pressure sensors from Ecowitt. The Ecowitt GW1100 Series Weather Stations GW1100Bv2.1.5 and prior versions have an access control error vulnerability that stems from its improper acces...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android 13 suffers from a security vulnerability that stems from insecure defaults that could leak WiFi passwords to end users...

Libre Wireless LS9 访问控制错误漏洞

Libre Wireless LS9 is a network device from Libre Wireless, Inc. Libre Wireless LS9 LS1.5/p7040 devices. an access control error vulnerability exists that stems from the luci service daemon running on port 7777 providing a subclass of commands with the Read prefix. Such commands can directly read...

Locking down your cyber life in lockdown

Today the NCSC refreshed their advice for online shoppers, so I thought it’d be handy to review and advise on other aspects of consumer security hygiene. More than ever, we’re reliant on technology, so now that we’re in various stages of lockdown it’s a great time to have a look at your home and...

CVE-2020-6864

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router...

Information disclosure

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router...