Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
almond_firmware vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-7296
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS query performed on behalf of the device itself, which makes it easier for remote mal...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
5
CVSSv2
CVE-2015-2914
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote malicious users to spoof responses...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
7.3
CVSSv2
CVE-2015-2915
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote malicious users to obtain web-management access by leveraging the ability to auth...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
6.8
CVSSv2
CVE-2015-2916
Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote malicious users to hijack the authentication of arbitrary users.
Securifi Almond-2015 Firmware
Securifi Almond Firmware
4.3
CVSSv2
CVE-2015-2917
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site...
Securifi Almond Firmware
Securifi Almond-2015 Firmware
6.5
CVSSv2
CVE-2017-8332
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management i...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6.5
CVSSv2
CVE-2017-8331
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device ca...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6
CVSSv2
CVE-2017-8335
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters pa...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
9.3
CVSSv2
CVE-2017-8328
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request ...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
6
CVSSv2
CVE-2017-8334
An issue exists on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery pro...
Securifi Almond 2015 Firmware Al-r096
Securifi Almond\\+firmware Al-r096
Securifi Almond Firmware Al-r096
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »