Surf Soho Firmware Security Vulnerabilities and Issues — Surf Soho Firmware CVE List

Lucene search

PeplinkSurf Soho Firmware

5 matches found

CVE•added 2023/10/11 4:15 p.m.•45 views

CVE-2023-35194

An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerabilit...

8.8CVSS8.8AI score0.00232EPSS

CVE•added 2023/10/11 4:15 p.m.•44 views

CVE-2023-28381

An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

8.8CVSS8.8AI score0.00296EPSS

CVE•added 2023/10/11 4:15 p.m.•42 views

CVE-2023-27380

An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

8.8CVSS8.8AI score0.00284EPSS

CVE•added 2023/10/11 4:15 p.m.•32 views

CVE-2023-35193

8.8CVSS8.8AI score0.00232EPSS

CVE•added 2023/10/11 4:15 p.m.•30 views

CVE-2023-34356

An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

8.8CVSS8.8AI score0.00296EPSS