Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
askey vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-26201
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level. This allows an malicious user to gain unauthorized access as an admin or root user to the device Operating System via Telnet or SSH.
Askey Ap5100w Firmware
4.3
CVSSv2
CVE-2020-15023
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an attempted (and even failed) WPS authentication attempt, it...
Askey Ap5100w Firmware
10
CVSSv2
CVE-2020-15357
Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote malicious users to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.
Askey Ap5100w Firmware
8.3
CVSSv2
CVE-2020-28695
Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution and retrieval of admin credentials to log into the Dashboard or login via SSH, leading to code execution as root.
Askey Rtf3505vw-n1 Br Sv G000 R3505vwn1001 S32 7 Firmware -
7.5
CVSSv2
CVE-2020-8614
An issue exists on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on TCP port 54188.
Askey Ap4000w Firmware Tdc V1.01.003
NA
CVE-2022-47040
An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows malicious users to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.
Askey Rtf3505vw-n1 Firmware Br Sv G000 R3505vmn1001 S32 7
1 Github repository
4.3
CVSSv2
CVE-2021-27403
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.
Asus Askey Rtf8115vw Firmware Br Sv G11.11 Rtf Tef001 V6.54 V014
5.8
CVSSv2
CVE-2021-27404
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.
Asus Askey Rtf8115vw Firmware Br Sv G11.11 Rtf Tef001 V6.54 V014
10
CVSSv2
CVE-2019-12489
An issue exists on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter.
Fastweb Askey Rtv1907vw Firmware 0.00.81
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started