Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gateway firmware vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2016-7454
CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an malicious user to change the Wi-Fi password, open the remote management interface, or reset the router.
Technicolor Xfinity Gateway Router Dpc3941t Firmware Dpc3941-p20-18-v303r20421733-160413a-cmcst
1 EDB exploit
6.5
CVSSv3
CVE-2021-27328
Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.
Yeastar Neogate Tg400 Firmware 91.3.0.3
2 Github repositories
NA
CVE-2014-7277
Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified "welcome message" form data that is ...
Zyxel Sbg3300-n Firmware
Zyxel Sbg3300-n -
NA
CVE-2014-7278
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and previous versions allows remote malicious users to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that ...
Zyxel Sbg3300-n Firmware
Zyxel Sbg3300-n -
6.5
CVSSv3
CVE-2019-13140
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL v...
Intenogroup Eg200 Firmware Eg200-wu7p1u Adamo3.16.4-190226 1650
9.8
CVSSv3
CVE-2016-2331
The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8 has a default password, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Systech Syslink Sl-1000 Modular Gateway Firmware -
7.5
CVSSv3
CVE-2016-2333
SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8 use the same hardcoded encryption key across different customers' installations, which allows malicious users to defeat cryptographic protection mechanisms by leveraging knowledge o...
Systech Syslink Sl-1000 Modular Gateway Firmware -
8.8
CVSSv3
CVE-2016-2332
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware prior to 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter.
Systech Syslink Sl-1000 Modular Gateway Firmware -
NA
CVE-2007-3574
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote malicious users to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setc...
Linksys Wag54gs 1.00.06
1 EDB exploit
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »