Search Results | AttackerKB

Show filters

Topics 30 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

30 Total Results

Displaying 1-10 of 30

Attacker Value

Unknown

CVE-2023-4415

Disclosure Date: August 18, 2023 (last updated October 08, 2023)

A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2017-15616

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.

0

Attacker Value

Unknown

CVE-2017-15622

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.

0

Attacker Value

Unknown

CVE-2017-15634

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.

0

Attacker Value

Unknown

CVE-2017-15617

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.

0

Attacker Value

Unknown

CVE-2017-15623

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.

0

Attacker Value

Unknown

CVE-2017-15632

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.

0

Attacker Value

Unknown

CVE-2017-15620

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.

0

Attacker Value

Unknown

CVE-2017-15635

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.

0

Attacker Value

Unknown

CVE-2017-15618

Disclosure Date: January 11, 2018 (last updated November 26, 2024)

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.

0