Filtered by vendor Peplink
Subscribe
Total
18 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-49230 | 1 Peplink | 2 Balance Two, Balance Two Firmware | 2024-11-21 | N/A | 8.8 HIGH |
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication. | |||||
CVE-2023-49229 | 1 Peplink | 2 Balance Two, Balance Two Firmware | 2024-11-21 | N/A | 4.3 MEDIUM |
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration. | |||||
CVE-2023-49228 | 1 Peplink | 2 Balance Two, Balance Two Firmware | 2024-11-21 | N/A | 6.4 MEDIUM |
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root. | |||||
CVE-2023-49226 | 1 Peplink | 2 Balance Two, Balance Two Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root. | |||||
CVE-2023-35194 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset `0x4bde44`. | |||||
CVE-2023-35193 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset 0x4bddb8. | |||||
CVE-2023-34356 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
CVE-2023-34354 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 3.4 LOW |
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
CVE-2023-28381 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
CVE-2023-27380 | 1 Peplink | 2 Surf Soho, Surf Soho Firmware | 2024-11-21 | N/A | 7.2 HIGH |
An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
CVE-2020-24246 | 1 Peplink | 110 Balance 1350, Balance 1350 Firmware, Balance 20 and 107 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin. | |||||
CVE-2017-8841 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter. | |||||
CVE-2017-8840 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, and Submitted syncid. | |||||
CVE-2017-8839 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi. | |||||
CVE-2017-8838 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi. | |||||
CVE-2017-8837 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. | |||||
CVE-2017-8836 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface. | |||||
CVE-2017-8835 | 1 Peplink | 12 1350hw2 Firmware, 2500 Firmware, 380hw6 Firmware and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database. |