Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oz elisyan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5037
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote malicious users to obtain the WPA or WPA2 pre-shared key via EAP messages.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote malicious users to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2013-5039
Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecur...
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2013-5218
Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2013-5219
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to cause a denial of service (device crash) via crafted HTTP POST data.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
NA
CVE-2014-4727
Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware prior to 140916 allows remote malicious users to inject arbitrary web script or HTML via the hostname in a DHCP request.
Tp-link Tl-wdr4300 Firmware
Tp-link Tl-wdr4300 -
NA
CVE-2014-4728
The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware prior to 140916 allows remote malicious users to cause a denial of service (crash) via a long header in a GET request.
Tp-link Tl-wdr4300 Firmware
Tp-link Tl-wdr4300 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started