Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fw firmware vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-12981
An issue exists on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability can be exploited by authenticated and unauthenticated users by sending special crafted requests to the web server allowing injecting code within the WBM. The code wil...
Wago 762-3000 Firmware
Wago 762-3001 Firmware
Wago 762-3002 Firmware
Wago 762-3003 Firmware
1 EDB exploit
9
CVSSv3
CVE-2018-8934
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
Amd Ryzen Pro Firmware -
Amd Ryzen Firmware -
9.8
CVSSv3
CVE-2017-2234
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and previous versions, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and previous versions may allow remote malicious users to access a non-documented developer screen to perform operations on device with a...
Toshiba Hem-gw16a Firmware
Toshiba Hem-gw26a Firmware
9.8
CVSSv3
CVE-2017-2235
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and previous versions. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and previous versions allows an malicious user to bypass access restriction to change the administrator account password via unspecified ...
Toshiba Hem-gw16a Firmware
Toshiba Hem-gw26a Firmware
9.8
CVSSv3
CVE-2017-2237
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and previous versions. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and previous versions allows an malicious user to execute arbitrary OS commands via unspecified vectors.
Toshiba Hem-gw16a Firmware
Toshiba Hem-gw26a Firmware
8.8
CVSSv3
CVE-2017-2238
Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and previous versions and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and previous versions allows remote malicious users to hijack the authentication of...
Toshiba Hem-gw16a Firmware
Toshiba Hem-gw26a Firmware
9.8
CVSSv3
CVE-2017-2236
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and previous versions, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and previous versions uses hard-coded credentials, which may allow malicious users to perform operations on device with administrative pr...
Toshiba Hem-gw16a Firmware
Toshiba Hem-gw26a Firmware
9.8
CVSSv3
CVE-2017-8835
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by obs...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
6.1
CVSSv3
CVE-2017-8838
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
8.8
CVSSv3
CVE-2017-8836
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an malicious user to execute commands, if a logge...
Peplink B305hw2 Firmware 7.0.1
Peplink 380hw6 Firmware 7.0.1
Peplink 580hw2 Firmware 7.0.1
Peplink 710hw3 Firmware 7.0.1
Peplink 1350hw2 Firmware 7.0.1
Peplink 2500 Firmware 7.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »