Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
almond 2015 firmware vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-2914
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote malicious users to spoof responses...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
7.3
CVSSv2
CVE-2015-2915
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote malicious users to obtain web-management access by leveraging the ability to auth...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
6.8
CVSSv2
CVE-2015-2916
Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote malicious users to hijack the authentication of arbitrary users.
Securifi Almond-2015 Firmware
Securifi Almond Firmware
4.3
CVSSv2
CVE-2015-2917
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
4.3
CVSSv2
CVE-2015-7296
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS query performed on behalf of the device itself, which makes it easier for remote mal...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
9.3
CVSSv2
CVE-2017-8328
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request ...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6
CVSSv2
CVE-2017-8334
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery pro...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6.8
CVSSv2
CVE-2017-8337
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allow...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6.5
CVSSv2
CVE-2017-8332
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management i...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
3.3
CVSSv2
CVE-2017-8330
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »