CVE-2019-12510

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API "/soap/serversa" by supplying a malicious X-Forwarded-For header of the device's LAN IP address 192.168.1.1 in every request. As a result, an attacker may...

EUVD-2009-3136

Malware in sbrugna...

EUVD-2019-4107

Malware in sbrugna...

EUVD-2009-4693

Malware in sbrugna...

EUVD-2009-4694

Malware in sbrugna...

CVE-2025-45986

Blink routers BL-WR9000 V2.4.9 , BL-AC2100AZ3 V1.0.4, BL-X10AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200AT1 v1.0.0, BL-X26AC8 v1.2.8, BLAC450MAE4 v4.0.0 and BL-X26DA3 v1.2.7 werediscovered to contain a command injection vulnerability via the mac parameter in the bsSetMacBlack function...

CVE-2019-12513

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:GHSA-PH86-G9R3-5QW4...

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:PYSEC-2024-39...

Security Bulletin: This Power System update is being released to address CVE-2018-13787

Summary POWER8/POWER9: In response to a potential issue with validation checking of IBM firmware, a new firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-13787. Vulnerability Details CVEID: CVE-2018-13787 DESCRIPTION: Certain Supermicro X11S,...

Reolink P2P Cameras

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Reolink Equipment: P2P protocol Vulnerabilities: Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these...

NETGEAR Nighthawk X10-R9000 Cross-Site Scripting Vulnerability

The NETGEAR Nighthawk X10-R9000 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR Nighthawk X10-R9000 using firmware prior to version 1.0.4.24. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker c...

NETGEAR Nighthawk X10-R9000 Authentication Bypass Vulnerability

The NETGEAR Nighthawk X10-R9000 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR Nighthawk X10-R9000 using firmware versions prior to 1.0.4.26. An attacker could exploit the vulnerability to bypass authentication...

NETGEAR Nighthawk X10-R9000 Cross-Site Scripting Vulnerability (CNVD-2020-13506)

The NETGEAR Nighthawk X10-R9000 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR Nighthawk X10-R9000 using firmware prior to version 1.0.4.24. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker c...

CVE-2019-12513

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...

CVE-2019-12512

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanc...

CVE-2019-12513

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...

CVE-2019-12511

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...

CVE-2019-12512

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanc...

CVE-2019-12511

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...