Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oz elisyan vulnerabilities and exploits
(subscribe to this query)
335
VMScore
CVE-2013-5037
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote malicious users to obtain the WPA or WPA2 pre-shared key via EAP messages.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
585
VMScore
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote malicious users to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
545
VMScore
CVE-2013-5039
Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecur...
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
295
VMScore
CVE-2013-5218
Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
335
VMScore
CVE-2013-5219
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
615
VMScore
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote malicious users to cause a denial of service (device crash) via crafted HTTP POST data.
Hot Hotbox Router Firmware 2.1.11
Hot Hotbox Router -
1 EDB exploit
383
VMScore
CVE-2014-4727
Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware prior to 140916 allows remote malicious users to inject arbitrary web script or HTML via the hostname in a DHCP request.
Tp-link Tl-wdr4300 Firmware
Tp-link Tl-wdr4300 -
445
VMScore
CVE-2014-4728
The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware prior to 140916 allows remote malicious users to cause a denial of service (crash) via a long header in a GET request.
Tp-link Tl-wdr4300 Firmware
Tp-link Tl-wdr4300 -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started