28 matches found
CVE-2025-65128
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...
CVE-2025-64075
A path traversal vulnerability in the checktoken function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to bypass authentication and perform administrative actions by supplying a crafted session cookie value...
CVE-2025-65128
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...
ZBT WE2001 安全漏洞
ZBT WE2001 is a wireless router produced by ZBT Corporation. The version dated 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from the lack of an authentication mechanism in the Web management API component, which may allow unauthenticated attackers on the loca...
CVE-2025-64075
A path traversal vulnerability in the checktoken function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to bypass authentication and perform administrative actions by supplying a crafted session cookie value...
ZBT WE2001 安全漏洞
ZBT WE2001 is a wireless router produced by ZBT Technology Co., Ltd. Version 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from a lack of session verification in the Web API component, which may allow unauthenticated remote attackers to obtain device...
CVE-2025-64074
CVE-2025-64074 concerns Shenzhen Zhibotong Electronics ZBT WE2001 (firmware version 23.09.27). A path-traversal vulnerability in the logout functionality could allow remote attackers to delete arbitrary host files by supplying a crafted session cookie value. The description does not specify affec...
ZBT WE2001 安全漏洞
ZBT WE2001 is a wireless router produced by ZBT Technology Co., Ltd. Version 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from path traversal vulnerabilities in the logout function, which could allow remote attackers to delete any file on the host...
CVE-2025-64074
A path-traversal vulnerability in the logout functionality of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to delete arbitrary files on the host by supplying a crafted session cookie value...
CVE-2025-65128
A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...
ZBT WE2001 安全漏洞
ZBT WE2001 is a wireless router produced by ZBT Technology Co., Ltd. Version 23.09.27 of ZBT WE2001 contains a security vulnerability. This vulnerability stems from a path traversal vulnerability in the checktoken function, which could allow remote attackers to bypass authentication and execute...
Malicious code in zbt_element_definer (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
CVE-2022-45552
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...
CVE-2022-45551
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint...
Command injection
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint...
Design/Logic Flaw
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...
CVE-2022-45551
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint...
CVE-2022-45552
CVE-2022-45552 concerns an Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v21.06.18. The issue arises from exposure of the NAND flash memory via the SPI bus interface, coupled with insecure permissions, allowing an attacker to read sensitive information from...
ZBT WE1626 访问控制错误漏洞
The ZBT WE1626 is a router. A security vulnerability exists in the ZBT WE1626 version 21.06.18, which stems from a vulnerability that allows an attacker to elevate privileges via the WGET command...
CVE-2022-45552
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory...