Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openwrt vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9385
An issue exists on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /et...
Getvera Veraedge Firmware
Getvera Veralite Firmware
8.8
CVSSv3
CVE-2017-17867
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed becau...
Intenogroup Iopsys
Intenogroup Iopsys 4.0
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2020-11965
In IQrouter up to and including 3.3.1, there is a root user without a password, which allows malicious users to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configu...
Evenroute Iqrouter Firmware
7.5
CVSSv3
CVE-2020-11968
In the web-panel in IQrouter up to and including 3.3.1, remote attackers can read system logs because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which ...
Evenroute Iqrouter Firmware
9.8
CVSSv3
CVE-2020-11963
IQrouter up to and including 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating t...
Evenroute Iqrouter Firmware
7.5
CVSSv3
CVE-2020-11964
In IQrouter up to and including 3.3.1, the Lua function diag_set_password in the web-panel allows remote malicious users to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the force...
Evenroute Iqrouter Firmware
9.8
CVSSv3
CVE-2020-11966
In IQrouter up to and including 3.3.1, the Lua function reset_password in the web-panel allows remote malicious users to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced i...
Evenroute Iqrouter Firmware
9.8
CVSSv3
CVE-2020-11967
In IQrouter up to and including 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced in...
Evenroute Iqrouter Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6