Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
karn ganeshen vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-7251
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote malicious users to obtain administrative access via a TELNET session.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
6.1
CVSSv3
CVE-2015-7252
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote malicious users to inject arbitrary web script or HTML via the errorpage parameter.
Zte Zxhn H108n R1a Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2015-6018
The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware prior to 1.00(AANC.2)C0 allows remote malicious users to execute arbitrary commands via the PingIPAddr parameter.
Zyxel Pmg5318-b20a Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2015-7246
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote malicious users to obtain administrative access.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
8.8
CVSSv3
CVE-2016-0861
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware prior to 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.
Ge Ups Snmp Web Adapter Firmware
1 EDB exploit
7.5
CVSSv3
CVE-2015-7245
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote malicious users to read sensitive information via a .. (dot dot) in the errorpage parameter.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.8
CVSSv3
CVE-2015-7247
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote malicious users to obtain sensitive information.
D-link Dvg-n5402sp Firmware W1000cn-00
D-link Dvg-n5402sp Firmware W1000cn-03
D-link Dvg-n5402sp Firmware W2000en-00
1 EDB exploit
9.8
CVSSv3
CVE-2015-8282
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
Seawell Networks Spectrum Sdc 02.05.00
1 EDB exploit
8
CVSSv3
CVE-2015-7925
Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware up to and including 10.1s0 allows remote malicious users to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.
Ewon Ewon Firmware
4.3
CVSSv3
CVE-2015-7929
eWON devices with firmware up to and including 10.1s0 support unspecified GET requests, which might allow remote malicious users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
Ewon Ewon Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »