Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-45725 | 1 Comfast | 2 Cf-wr610n, Cf-wr610n Firmware | 2024-02-28 | N/A | 8.8 HIGH |
Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request | |||||
CVE-2022-45724 | 1 Comfast | 2 Cf-wr610n, Cf-wr610n Firmware | 2024-02-28 | N/A | 5.4 MEDIUM |
Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests. |