Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
realtek realtek sdk - vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-35394
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability t...
Realtek Realtek Jungle Sdk
10
CVSSv2
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulner...
Realtek Realtek Jungle Sdk
1 Github repository
10
CVSSv2
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both o...
Realtek Realtek Jungle Sdk
1 Article
10
CVSSv2
CVE-2021-27372
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow malicious users to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.
Realtek Xpon Rtl9601d Software Development Kit 1.9
10
CVSSv2
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote malicious users to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild up to and including 2023.
Dlink Dir-905l Firmware
Dlink Dir-605l Firmware
Dlink Dir-600l Firmware
Realtek Realtek Sdk -
Dlink Dir-619l Firmware
Dlink Dir-809 Firmware
1 EDB exploit
1 Github repository
1 Article
9
CVSSv2
CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This aff...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N301rt Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
1 Github repository
7.8
CVSSv2
CVE-2021-35392
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is...
Realtek Jungle Sdk
7.5
CVSSv2
CVE-2019-19825
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N301rt Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
6.5
CVSSv2
CVE-2020-12773
A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool.
Realtek Adsl Router Soc Firmware -
5
CVSSv2
CVE-2019-19822
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote malicious users to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU up to and including 2.0.0, A702R up to ...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
Realtek Rtk 11n Ap Firmware
Sapido Gr297n Firmware
Ciktel Mesh Router Firmware
Kctvjeju Wireless Ap Firmware
Fg-products Fgn-r2 Firmware
Hiwifi Max-c300n Firmware
Tbroad Gn-866ac Firmware
Coship Emta Ap Firmwre
Iodata Wn-ac1167r Firmwre
Hcn Max-c300n Project Hcn Max-c300n Firmware
Totolink N301rt Firmware
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »