Quadron-Research-Lab/Hardware-IoT

Releases0

Stars4

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-29332 ↗	May 17, 2022Tuesday, 17 May 2022, 14:15	6.5 MEDIUM	4 MEDIUM
D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the "../../../../" setting of the FTP server folder to set the router's root folder for FTP access. This allows you to access the entire router file system via the FTP server.
CVE-2022-26639 ↗	Mar 28, 2022Monday, 28 March 2022, 23:15	7.2 HIGH	6.5 MEDIUM
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.
CVE-2022-26640 ↗	Mar 28, 2022Monday, 28 March 2022, 23:15	7.2 HIGH	6.5 MEDIUM
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.
CVE-2022-26641 ↗	Mar 28, 2022Monday, 28 March 2022, 23:15	7.2 HIGH	6.5 MEDIUM
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.
CVE-2022-26642 ↗	Mar 28, 2022Monday, 28 March 2022, 23:15	7.2 HIGH	6.5 MEDIUM
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.
CVE-2021-45401 ↗	Feb 18, 2022Friday, 18 February 2022, 18:15	9.8 CRITICAL	7.5 HIGH
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.