Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaustubh g. padwad vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-19525
An issue exists on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. There is CSRF via /ui/?g=obj_keywords_add and /ui/?g=obj_keywords_addsave with resultant XSS because of a lack of csrf token validation.
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
9.8
CVSSv3
CVE-2018-19524
An issue exists on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote malicious users to cause a denial of service (segmentation fault) or achiev...
Skyworthdigital Dt740 Firmware Sdotbgn1
Skyworthdigital Dt721-cb Firmware Sdotbgn1
Skyworthdigital Dt741-cb Firmware Sdotbgn1
1 EDB exploit
5.4
CVSSv3
CVE-2021-25326
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.
Skyworthdigital Rn510 Firmware 3.1.0.4
7.8
CVSSv3
CVE-2019-7383
An issue exists on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/isp_update_edit.php does not properly validate user input, whi...
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
7.8
CVSSv3
CVE-2019-7384
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call...
Raisecom Iscom Ht803g-u Firmware
Raisecom Iscom Ht803g-w Firmware
Raisecom Iscom Ht803g-1ge Firmware
Raisecom Iscom Ht803g Gpon Firmware
6.5
CVSSv3
CVE-2019-7386
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the ...
Kaiostech Kaios 2.5
Nokia 8810 4g Firmware 10.05
6.5
CVSSv3
CVE-2021-25327
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting (XSS)...
Skyworthdigital Rn510 Firmware 3.1.0.4
8.8
CVSSv3
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on ...
Skyworthdigital Rn510 Firmware 3.1.0.4
NA
CVE-2015-2755
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin prior to 4.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) l...
Ab Google Map Travel Project Ab Google Map Travel
NA
CVE-2015-1614
Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) image_metadata_crunc...
Image Metadata Cruncher Project Image Metadata Cruncher -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »