Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
router vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-0607
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote malicious users to inject arbitrary web script or HTML via the Stat_Radio parameter.
Sterlitetechnologies Sam300 Ax Router
1 EDB exploit
6.4
CVSSv2
CVE-2011-3602
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) prior to 1.8.2 allows local users to overwrite arbitrary files, and remote malicious users to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leverag...
Litech Router Advertisement Daemon
7.5
CVSSv2
CVE-2011-3604
The process_ra function in the router advertisement daemon (radvd) prior to 1.8.2 allows remote malicious users to cause a denial of service (stack-based buffer over-read and crash) via unspecified vectors.
Litech Router Advertisement Daemon
5
CVSSv2
CVE-1999-1524
FlowPoint DSL router firmware versions before 3.0.8 allows a remote malicious user to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.
Flowpoint Flowpoint Dsl Router
5
CVSSv2
CVE-2011-3605
The process_rs function in the router advertisement daemon (radvd) prior to 1.8.2, when UnicastOnly is enabled, allows remote malicious users to cause a denial of service (temporary service hang) via a large number of ND_ROUTER_SOLICIT requests.
Litech Router Advertisement Daemon
7.5
CVSSv2
CVE-2006-2562
ZyXEL P-335WT router allows remote malicious users to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
Zyxel P-335wt Router
NA
CVE-2020-14140
When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. This vulnerability is caused by the lack of access control policies on some API interfaces. Attackers can exploit this vulnerability to enter the backgroun...
Mi Xiaomi Router Firmware
4.3
CVSSv2
CVE-2007-6729
Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router allows remote malicious users to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors.
Zyxel P-330w Router
9.3
CVSSv2
CVE-2007-6730
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote malicious users to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) mod...
Zyxel P-330w Router
NA
CVE-2023-39286
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an unauthenticated malicious user to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit coul...
Mitel Connect Mobility Router
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »