Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kaustubh g. padwad vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-25327
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting (XSS)...
Skyworthdigital Rn510 Firmware 3.1.0.4
3.5
CVSSv2
CVE-2021-25326
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.
Skyworthdigital Rn510 Firmware 3.1.0.4
6.5
CVSSv2
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on ...
Skyworthdigital Rn510 Firmware 3.1.0.4
4.3
CVSSv2
CVE-2021-3275
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through...
Tp-link Td-w9977 Firmware V1 0.1.0 0.9.1 Up Boot(161123) 2016-11-23 15.36.15
Tp-link Tl-wa801nd Firmware V5 Us 0.9.1 3.16 Up Boot[170905-rel56404]
Tp-link Tl-wa801n Firmware V6 Eu 0.9.1 3.16 Up Boot[200116-rel61815]
Tp-link Tl-wr802n Firmware V4 Us 0.9.1 3.17 Up Boot[200421-rel38950]
Tp-link Archer-c3150 Firmware V2 170926
7.2
CVSSv2
CVE-2019-7383
An issue exists on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP file. The file network/isp/isp_update_edit.php does not properly validate user input, whi...
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
7.2
CVSSv2
CVE-2019-7384
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call...
Raisecom Iscom Ht803g-u Firmware
Raisecom Iscom Ht803g-w Firmware
Raisecom Iscom Ht803g-1ge Firmware
Raisecom Iscom Ht803g Gpon Firmware
7.1
CVSSv2
CVE-2019-7386
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the ...
Kaiostech Kaios 2.5
Nokia 8810 4g Firmware 10.05
10
CVSSv2
CVE-2018-19524
An issue exists on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote malicious users to cause a denial of service (segmentation fault) or achiev...
Skyworthdigital Dt740 Firmware Sdotbgn1
Skyworthdigital Dt721-cb Firmware Sdotbgn1
Skyworthdigital Dt741-cb Firmware Sdotbgn1
1 EDB exploit
4.3
CVSSv2
CVE-2018-19525
An issue exists on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. There is CSRF via /ui/?g=obj_keywords_add and /ui/?g=obj_keywords_addsave with resultant XSS because of a lack of csrf token validation.
Systrome Cumilon Isg-600c Firmware 1.1-r2.1
Systrome Cumilon Isg-600h Firmware 1.1-r2.1
Systrome Cumilon Isg-800w Firmware 1.1-r2.1
6.8
CVSSv2
CVE-2015-2755
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin prior to 4.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) l...
Ab Google Map Travel Project Ab Google Map Travel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »