Search Results | AttackerKB

Show filters

Topics 80 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

80 Total Results

Displaying 51-60 of 80

Attacker Value

Unknown

CVE-2019-20721

Disclosure Date: April 16, 2020 (last updated February 21, 2025)

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.66, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2017-15616

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.

0

Attacker Value

Unknown

CVE-2017-15622

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.

0

Attacker Value

Unknown

CVE-2017-15634

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.

0

Attacker Value

Unknown

CVE-2017-15617

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.

0

Attacker Value

Unknown

CVE-2017-15623

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.

0

Attacker Value

Unknown

CVE-2017-15632

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.

0

Attacker Value

Unknown

CVE-2017-15620

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.

0

Attacker Value

Unknown

CVE-2017-15635

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.

0

Attacker Value

Unknown

CVE-2017-15618

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.

0