Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
peplink 2500 firmware 7.0.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-8839
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2017-8838
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2017-8841
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.p...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
5
CVSSv2
CVE-2017-8840
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA G...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
5
CVSSv2
CVE-2017-8837
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised,...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2017-8835
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by obs...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2017-8836
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an malicious user to execute commands, if a logge...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started