Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrew klaus vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-15555
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.
Actiontec Web6000q Firmware 1.1.02.22
8.8
CVSSv3
CVE-2018-15557
An issue exists in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat.
Actiontec Web6000q Firmware 1.1.02.22
6.8
CVSSv3
CVE-2019-12789
An issue exists on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the att...
Actiontec T2200h Firmware T2200h-31.1238l.08
6.1
CVSSv3
CVE-2018-1000611
SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting (XSS) vulnerability that can result in Allows an malicious user to inject arbitrary web scripts or HTML into help and login pages. This attack appear to be exploitable via the victim opening a s...
Openconext Openconext Engineblock
9.8
CVSSv3
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.
Actiontec Web6000q Firmware 1.1.02.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started