Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaustubh g. padwad vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-25326
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.
Skyworthdigital Rn510 Firmware 3.1.0.4
6.5
CVSSv3
CVE-2021-25327
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting (XSS)...
Skyworthdigital Rn510 Firmware 3.1.0.4
8.8
CVSSv3
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on ...
Skyworthdigital Rn510 Firmware 3.1.0.4
6.1
CVSSv3
CVE-2021-3275
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through...
Tp-link Td-w9977 Firmware V1 0.1.0 0.9.1 Up Boot\\(161123\\) 2016-11-23 15.36.15
Tp-link Tl-wa801nd Firmware V5 Us 0.9.1 3.16 Up Boot\\[170905-rel56404\\]
Tp-link Tl-wa801n Firmware V6 Eu 0.9.1 3.16 Up Boot\\[200116-rel61815\\]
Tp-link Tl-wr802n Firmware V4 Us 0.9.1 3.17 Up Boot\\[200421-rel38950\\]
Tp-link Archer-c3150 Firmware V2 170926
7.8
CVSSv3
CVE-2019-7383
An issue exists on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/isp_update_edit.php does not properly validate user input, whi...
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
7.8
CVSSv3
CVE-2019-7384
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call...
Raisecom Iscom Ht803g-u Firmware
Raisecom Iscom Ht803g-w Firmware
Raisecom Iscom Ht803g-1ge Firmware
Raisecom Iscom Ht803g Gpon Firmware
6.5
CVSSv3
CVE-2019-7386
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the ...
Kaiostech Kaios 2.5
Nokia 8810 4g Firmware 10.05
9.8
CVSSv3
CVE-2018-19524
An issue exists on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote malicious users to cause a denial of service (segmentation fault) or achiev...
Skyworthdigital Dt740 Firmware Sdotbgn1
Skyworthdigital Dt721-cb Firmware Sdotbgn1
Skyworthdigital Dt741-cb Firmware Sdotbgn1
1 EDB exploit
6.1
CVSSv3
CVE-2018-19525
An issue exists on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. There is CSRF via /ui/?g=obj_keywords_add and /ui/?g=obj_keywords_addsave with resultant XSS because of a lack of csrf token validation.
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
NA
CVE-2015-2755
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin prior to 4.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) l...
Ab Google Map Travel Project Ab Google Map Travel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »