Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kenney lu vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12577
An issue exists on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows malicious users to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.
Planex Cs-qr20 Firmware 1.30
Planex Smacam Night Vision -
9.8
CVSSv3
CVE-2017-12574
An issue exists on PLANEX CS-W50HD devices with firmware prior to 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows malicious users to gain unauthorized access ...
Planex Cs-w50hd Firmware
7.5
CVSSv3
CVE-2017-12575
An issue exists on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve DHCP cl...
Aterm Wg2600hp2 Firmware 1.0.2
7.2
CVSSv3
CVE-2017-12576
An issue exists on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an malicious user to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly ...
Planex Cs-qr20 Firmware 1.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started