Lucene search
+L

191 matches found

CVE
CVE
added 2025/08/18 8:32 p.m.32 views

CVE-2025-9119

The Netis WF2419 router (version 1.2.29433) contains a cross-site scripting vulnerability in the Wireless Settings Page (/index.htm). The vulnerability arises from unsafely handling the SSID parameter, allowing an attacker to inject payload such as to trigger XSS. The attack is remote and has a ...

4.8CVSS6.7AI score0.00238EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.4 views

Netis WF2419 代码注入漏洞

Netis WF2419 is a router from China Tiantan Netis. A code injection vulnerability exists in the Netis WF2419 version 1.2.29433, which originates from the Wireless Settings Page not filtering the SSID parameter, and can be exploited by a remote attacker to trigger a cross-site scripting attack...

4.8CVSS6.7AI score0.00238EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.10 views

PT-2025-33695 · Netis · Netis Wf2419

Name of the Vulnerable Software and Affected Versions: Netis WF2419 version 1.2.29433 Description: A cross-site scripting issue exists in the Wireless Settings Page component, specifically within the /index.htm file. Manipulation of the SSID argument with the input triggers the vulnerability...

4.8CVSS6.6AI score0.00238EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/08/13 7:25 a.m.15 views

CVE-2025-8834

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack...

4.8CVSS6.6AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:0 a.m.22 views

CVE-2024-29419

There is a Cross-site scripting XSS vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013...

5.4CVSS6AI score0.00389EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.10 views

CVE-2019-15393

The Asus ZenFone Live Android device with a build fingerprint of asus/WWPhone/ASUSX00LD3:7.1.1/NMF26F/14.0400.1806.203-20180720:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app versionCode=1, versionName=1 that allows unauthorized wireless settings...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.9 views

CVE-2019-15466

The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakuraindia/sakuraindia:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app versionCode=1, versionName=QL1715201812191721 that allows...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.7 views

CVE-2019-15394

The Asus ZenFone 5 Selfie Android device with a build fingerprint of asus/WWPhone/ASUSX017D1:7.1.1/NMF26F/14.0400.1810.061-20181107:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app versionCode=1, versionName=1 that allows unauthorized wireless settin...

7.8CVSS6.6AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:28 a.m.5 views

CVE-2019-19515

Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings...

6.1CVSS5.9AI score0.00836EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:19 a.m.12 views

CVE-2019-15426

The Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/natrium/natrium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification via ...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:10 a.m.9 views

CVE-2019-15422

The Doogee Mix Android device with a build fingerprint of DOOGEE/MIX/MIX:7.0/NRD90M/1495809471:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app versionCode=1, versionName=1 that allows unauthorized wireless settings modification via a confused...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 a.m.8 views

CVE-2019-15415

The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app versionCode=1, versionName=QL1711201803291645 that allows unauthorized wireless settings...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.9 views

CVE-2019-15421

The Blackview BV7000Pro Android device with a build fingerprint of Blackview/BV7000Pro/BV7000Pro:7.0/NRD90M/1493011204:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app versionCode=1, versionName=1 that allows unauthorized wireless settings...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.8 views

CVE-2019-15425

The Kata M4s Android device with a build fingerprint of alps/fullhct675066n/hct675066n:7.0/NRD90M/1495624556:user/test-keys contains a pre-installed app with a package name of com.mediatek.factorymode app versionCode=1, versionName=1 that allows unauthorized wireless settings modification via a...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.7 views

CVE-2019-15424

The Doogee BL5000 Android device with a build fingerprint of DOOGEE/BL5000/BL5000:7.0/NRD90M/1497072355:user/release-keys contains a pre-installed app with a package name of com.mediatek.factorymode app versionCode=1, versionName=1 that allows unauthorized wireless settings modification via a...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.7 views

CVE-2019-15427

The Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification via a...

3.3CVSS6.6AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.5 views

Bosch Rexroth ctrlX OS 安全漏洞

Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, Germany, designed as an open control platform for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that originates from a specially crafted HTTP request in the web...

5.4CVSS6.7AI score0.00426EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.7 views

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router from the Chinese company Tenda. Tenda AC10 suffers from a buffer overflow vulnerability, which originates from the ssid parameter of formfastsettingwifiset contains a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...

9.8CVSS7.9AI score0.00415EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/30 12:0 a.m.6 views

PT-2025-3534 · D Link · D-Link 816

Name of the Vulnerable Software and Affected Versions: D-Link 816A2 FWv1.10CNB05 R1B011D88210 Description: An access control issue in the component form2WlanBasicSetup.cgi allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request to the...

7.8CVSS9.7AI score0.00419EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/05/07 10:55 p.m.19 views

CVE-2023-37325 D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability

D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The...

5.4CVSS6.7AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder