Vulnerabilities (CVE)

Filtered by vendor Level1 Subscribe
Total 33 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-49595 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-49593 1 Level1 2 Wbr-6013, Wbr-6013 Firmware 2024-11-21 N/A 7.2 HIGH
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.
CVE-2023-49073 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-48270 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-47856 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-47677 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 8.8 HIGH
A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-46685 1 Level1 2 Wbr-6013, Wbr-6013 Firmware 2024-11-21 N/A 9.8 CRITICAL
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network packets can lead to arbitrary command execution.
CVE-2023-45742 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-45215 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-41251 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-34435 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2024-31151 1 Level1 2 Wbr-6012, Wbr-6012 Firmware 2024-11-13 N/A 9.8 CRITICAL
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The password string can be found at addresses 0x 803cdd0f and 0x803da3e6: 803cdd0f 41 72 69 65 ds "AriesSerenaCairryNativitaMegan" 73 53 65 72 65 6e 61 43 ... It is referenced by the function at 0x800b78b0 and simplified in the pseudocode below: if (is_equal = strcmp(password,"AriesSerenaCairryNativitaMegan"){ ret = 3;} Where 3 is the return value to user-level access (0 being fail and 1 being admin/backdoor). While there's no legitimate functionality to change this password, once authenticated it is possible manually make a change by taking advantage of TALOS-2024-XXXXX using HTTP POST paramater "Pu" (new user password) in place of "Pa" (new admin password).
CVE-2024-28875 1 Level1 2 Wbr-6012, Wbr-6012 Firmware 2024-11-13 N/A 8.1 HIGH
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910 80100910 40 6d 21 74 ds "@m!t2K1" 32 4b 31 00 It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below: if ((SECOND_FROM_BOOT_TIME < 300) && (is_equal = strcmp(password,"@m!t2K1")) { return 1;} Where 1 is the return value to admin-level access (0 being fail and 3 being user).