Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
router vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-2562
ZyXEL P-335WT router allows remote malicious users to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
Zyxel P-335wt Router
7.5
CVSSv2
CVE-2011-3601
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) prior to 1.8.2 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.
Litech Router Advertisement Daemon
4.4
CVSSv2
CVE-2011-3603
The router advertisement daemon (radvd) prior to 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
Litech Router Advertisement Daemon
NA
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Connect Mobility Router
4.3
CVSSv2
CVE-2011-0746
Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote malicious users to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the PortRule_Name param...
Zyxel O2 Dsl Router Classic
10
CVSSv2
CVE-2002-2133
Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote malicious users to gain unauthorized access by sniffing and decrypting the administrative password.
Telindus 1120 Adsl Router 6.0.21b Firmware
7.8
CVSSv2
CVE-2009-3322
The Siemens Gigaset SE361 WLAN router allows remote malicious users to cause a denial of service (device reboot) via a flood of crafted TCP packets to port 1723.
Siemens Gigaset Se361 Wlan Router
1 EDB exploit
7.5
CVSSv2
CVE-2006-3595
The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) prior to 3.3.0 build 31 does not require credentials, which allows remote malicious users to access the server with arbitrary privilege levels, aka bug CSCsa78190.
Cisco Router Web Setup 3.3.0 Build 30
6.5
CVSSv2
CVE-2020-12773
A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool.
Realtek Adsl Router Soc Firmware -
4.3
CVSSv2
CVE-2010-0470
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote malicious users to inject arbitrary web script or HTML via the srvName parameter.
Comtrend Ct-507it Adsl Router
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »