Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
router vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-8918
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) prior to 1.1.7-6941 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Router Manager
NA
CVE-2008-2171
Unspecified vulnerability in AlaxalA AX routers allows remote malicious users to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Alaxala Ax Router
NA
CVE-2013-4632
The Huawei Access Router (AR) before V200R002SPC003 allows remote malicious users to cause a denial of service (device reset) via a crafted field in a DHCP request, as demonstrated by a request from an IP phone.
Huawei Access Router
NA
CVE-2001-0185
Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash.
Netopia R9100 Router
9.8
CVSSv3
CVE-2023-1803
Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass.This issue affects Redline Router: prior to 7.17.
Redline Router Firmware
9
CVSSv3
CVE-2020-27649
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Synology Router Manager
8.1
CVSSv3
CVE-2020-27651
Synology Router Manager (SRM) prior to 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an HTTP session.
Synology Router Manager
9.8
CVSSv3
CVE-2020-27654
Improper access control vulnerability in lbd in Synology Router Manager (SRM) prior to 1.2.4-8081 allows remote malicious users to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
Synology Router Manager
10
CVSSv3
CVE-2020-27655
Improper access control vulnerability in Synology Router Manager (SRM) prior to 1.2.4-8081 allows remote malicious users to access restricted resources via inbound QuickConnect traffic.
Synology Router Manager
5.9
CVSSv3
CVE-2020-27657
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to eavesdrop authentication information of DNSExit via unspecified vectors.
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »