Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
almond 2015 firmware vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-2914
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote malicious users to spoof responses...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
650
VMScore
CVE-2015-2915
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote malicious users to obtain web-management access by leveraging the ability to auth...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
605
VMScore
CVE-2015-2916
Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote malicious users to hijack the authentication of arbitrary users.
Securifi Almond-2015 Firmware
Securifi Almond Firmware
383
VMScore
CVE-2015-2917
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
383
VMScore
CVE-2015-7296
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS query performed on behalf of the device itself, which makes it easier for remote mal...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
828
VMScore
CVE-2017-8328
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request ...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
534
VMScore
CVE-2017-8334
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery pro...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
605
VMScore
CVE-2017-8337
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allow...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
578
VMScore
CVE-2017-8332
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management i...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
294
VMScore
CVE-2017-8330
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »