Dell OpenManage Enterprise versions up to 3.6.1 suffer from multiple hard-coded credential issues, multiple privilege escalation, weak permissions, authentication bypass, and other vulnerabilities.
b55157214aaa2b6ae562d7cfa0de32cfd562800d2a6cb523e250837eb6218be3FiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack overflow, and additional vulnerabilities. suffers from bypass, cross site scripting, denial of service, and privilege escalation vulnerabilities.
2686e5c761e36bc3dfa888e8cf7225a954dc7af702d0bdccbb3ce7c5c5524e11Various V-SOL OLTs suffer from multiple backdoor issues, hardcoded RSA keys, potential command injection, and insecure management vulnerabilities.
20f5c0e255904786d117f0970a2860bba9487e20530393ccb85c7c54cba91c1eVarious CDATA OLTs suffer from backdoor access with telnet, credential leaks, shell escape with root privileges, denial of service, and weak encryption algorithm vulnerabilities.
25ead8b8d6facee2b0e679c6d68a14a89d0c99b0b24923b75e4317730748e5e6Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities.
3c3f163d0c264f8928d2c11d08aaa6f6a1b4fbcda9b03fe3db342d382fa8d619D-Link DIR-850L remote code execution variant exploit that extracts username and password for the device.
1c82c3f87c75fc759451b815a7874e735d42e98ea00c4a393b3d85c52866af91WiseGiga NAS suffers from cross site request forgery, local file inclusion, command execution, and default credential vulnerabilities.
e7fbe801b430323d61a1963f92f116957b217b28433d3d108bd32656242cd400D-Link 850L suffers from cross site scripting, access bypass, backdoor, bruteforcing, information disclosure, remote code execution, and denial of service vulnerabilities. Basically, do not use this device unless you want to analyze it to see how not to design something.
3a9bd05d149ac1db91581ef8d913fef21e9b0ab8adc8b8428e217e2841c41d87Wireless IP Camera (P2P) WIFICAM, which gets rebranded as many others, suffers from a backdoor account, remote command execution, transit, and various authentication vulnerabilities.
559b80f2a3cc3fa49e3c01aac9e24b9d9c250fba7e12a6315b8cee5246ab32fcTP-Link CS and C20i are vulnerable to command injection, denial of service, and improper firewall rule issues.
eaec08f8fd30acc140b280bed29e39d58c422fe574a7752a1ea1aaef2398036bOpenBSD HTTP server versions up to 6.0 suffer from a denial of service vulnerability.
8cb179fc0c44b36068a2fb1ea7d4c3cb44fce813eaf3de73953f10a2bfceac82D-Link DWR-932B suffers from backdoor accounts, default WPS PIN, weak WPS PIN generation, and various other bad security practices and issues.
c6622e059d37bef9eede516a3030b6a743db38a5cd314be7e8c8d9f7cd9c8022Quanta LTE routers suffer from backdoor accounts, remote code execution, weak WPS functionality, arbitrary file reading, and a ridiculous amount of other vulnerabilities.
574a7a5333ba067e960ea26d54102349d8fe190084d3f24d869cdee6d409231fFreeBSD suffers from a bsnmpd information disclosure vulnerability.
30858a55de4d08a56a599bb420f85c65dae9f53454ef12c51314ce7d18ea9a53FreeBSD Security Advisory - The SNMP protocol supports an authentication model called USM, which relies on a shared secret. The default permission of the bsnmpd configuration file, /etc/bsnmpd.conf, is weak and does not provide adequate protection against local unprivileged users. A local user may be able to read the shared secret, if configured and used by the system administrator.
a72b9ae60396ff46558b0ec651b04f329fe46350335df2906500a42e8c4ad50bGaneti suffers from unauthenticated information disclosure and denial of service vulnerabilities.
b366b0e8cdc76ece2a45806306e7e5adc7f7ed618bac49a090623b0b34db5e3cHuawei Wimax routers suffer from cross site request forgery, information disclosure, and system manipulation vulnerabilities.
665c198903c1a2084546365ee984482cf859f3ed18d69b64ac380d553c6da03cOpenBSD net-snmp suffers from a credential and information disclosure vulnerability.
a80d494deb52dc8a57e8c8f3a438e4dc2e1095c1a787fbcd33b9d4404d060cacHuawei 3G routers suffer from authentication bypass, cross site request forgery, denial of service, and various other vulnerabilities.
5d2367658e0c166fbe6a18500efffe9f8332dd64802030160bd60d6778785f68Although they have provided an image with it disabled on start up, TOTOLink routers still have a backdoor built into them.
5fd5e8b16e2f7e7dac5fbbe2efbd48e9af98651b4c03e89f5ba73804906d26a28 TOTOLINK router models have backdoor hardcoded credentials and suffer from remote command execution vulnerabilities.
da4f3b45bf033743303421b024a5e6709556b805b29ed6d02f62e31906abb3804 TOTOLINK router models are backdoored with hardcoded credentials.
9ca4b52af2e1f01e95d564008e9b6c31d1c43d2dd18ac9b2367ff9593944b5754 TOTOLINK router models suffer from cross site request forgery and cross site scripting vulnerabilities.
ee42e57cb222a8571eb397cc642d24092fc7b9ce794c4736e98942a28f40d66a15 TOTOLINK router models are vulnerable to multiple remote command execution vulnerabilities.
d072f0831923e919022e8fbd4d7bd9357586f76c8cc3e511d592af9cd3edea96127 ipTIME routers are vulnerable to a DHCP-related remote command execution vulnerability.
865d438b672a41ac61eb57eb48a11d1384ed8671a7926efec5bf3004fedfd4fe
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed