| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12985 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). | ||
| CVE-2017-12902 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. | ||
| CVE-2017-12901 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). | ||
| CVE-2017-12900 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). | ||
| CVE-2017-12899 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). | ||
| CVE-2017-12898 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). | ||
| CVE-2017-12897 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). | ||
| CVE-2017-12896 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | ||
| CVE-2017-12895 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). | ||
| CVE-2017-12894 | Cri | 0.64 | 9.8 | 0.03 | Sep 14, 2017 | Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). | ||
| CVE-2017-12893 | Cri | 0.64 | 9.8 | 0.02 | Sep 14, 2017 | The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). | ||
| CVE-2017-12249 | Cri | 0.59 | 9.1 | 0.03 | Sep 13, 2017 | A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability… | ||
| CVE-2017-14429 | Cri | 0.64 | 9.8 | 0.05 | Sep 13, 2017 | The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting… | ||
| CVE-2017-14421 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2017 | D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the Alphanetworks account upon device reset, which allows remote attackers to obtain root access via a TELNET session. | ||
| CVE-2017-14417 | Cri | 0.64 | 9.8 | 0.01 | Sep 13, 2017 | register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not require authentication, which can result in unintended enrollment in mydlink Cloud Services. | ||
| CVE-2017-11462 | Cri | 0.64 | 9.8 | 0.05 | Sep 13, 2017 | Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. | ||
| CVE-2015-5206 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2017 | Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168. | ||
| CVE-2015-5168 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2017 | Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206. | ||
| CVE-2017-11351 | Cri | 0.64 | 9.8 | 0.01 | Sep 13, 2017 | Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. | ||
| CVE-2017-14403 | Cri | 0.64 | 9.8 | 0.01 | Sep 13, 2017 | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php. | ||
| CVE-2017-14402 | Cri | 0.64 | 9.8 | 0.01 | Sep 13, 2017 | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input validation in include/function.php. | ||
| CVE-2017-14401 | Cri | 0.64 | 9.8 | 0.01 | Sep 13, 2017 | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section. | ||
| CVE-2017-8686 | Cri | 0.66 | 9.8 | 0.28 | Sep 13, 2017 | The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows… | ||
| CVE-2017-14397 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2017 | AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. | ||
| CVE-2017-14396 | Cri | 0.60 | 9.8 | 0.03 | Sep 12, 2017 | In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. | ||
| CVE-2017-8015 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2017 | EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||
| CVE-2017-14346 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2017 | upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file. | ||
| CVE-2017-14345 | Cri | 0.64 | 9.8 | 0.01 | Sep 12, 2017 | SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php. | ||
| CVE-2015-8351 | Cri | 0.64 | 9.0 | 0.37 | Sep 11, 2017 | PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE:… | ||
| CVE-2015-4689 | Cri | 0.64 | 9.8 | 0.02 | Sep 11, 2017 | Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset." | ||
| CVE-2015-7877 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2017 | Multiple SQL injection vulnerabilities in the User Dashboard module 7.x before 7.x-1.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2015-4523 | Cri | 0.64 | 9.3 | 0.04 | Sep 11, 2017 | Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute… | ||
| CVE-2017-7649 | Cri | 0.64 | 9.8 | 0.02 | Sep 11, 2017 | The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted… | ||
| CVE-2017-14269 | Cri | 0.64 | 9.8 | 0.02 | Sep 11, 2017 | EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content. | ||
| CVE-2017-14265 | Cri | 0.64 | 9.8 | 0.04 | Sep 11, 2017 | A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | ||
| CVE-2017-14252 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2017 | SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php. | ||
| CVE-2017-14247 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2017 | SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060. | ||
| CVE-2017-14242 | Cri | 0.57 | 9.8 | 0.01 | Sep 11, 2017 | SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter. | ||
| CVE-2017-14238 | Cri | 0.57 | 9.8 | 0.01 | Sep 11, 2017 | SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter. | ||
| CVE-2017-14230 | Cri | 0.59 | 9.1 | 0.02 | Sep 10, 2017 | In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service… | ||
| CVE-2017-12733 | Cri | 0.64 | 9.8 | 0.02 | Sep 9, 2017 | A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An… | ||
| CVE-2017-12731 | Cri | 0.64 | 9.8 | 0.02 | Sep 9, 2017 | A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. The application is vulnerable to… | ||
| CVE-2017-11161 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2017 | Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php. | ||
| CVE-2015-5052 | Cri | 0.64 | 9.8 | 0.01 | Sep 7, 2017 | SQL injection vulnerability in Sefrengo before 1.6.5 beta2. | ||
| CVE-2015-4629 | Cri | 0.64 | 9.8 | 0.02 | Sep 7, 2017 | Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions. | ||
| CVE-2015-4627 | Cri | 0.64 | 9.8 | 0.01 | Sep 7, 2017 | SQL injection vulnerability in Pragyan CMS 3.0. | ||
| CVE-2015-3991 | Cri | 0.64 | 9.8 | 0.05 | Sep 7, 2017 | strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. | ||
| CVE-2015-3313 | Cri | 0.67 | 9.8 | 0.08 | Sep 7, 2017 | SQL injection vulnerability in WordPress Community Events plugin before 1.4. | ||
| CVE-2017-9834 | Cri | 0.67 | 9.8 | 0.04 | Sep 7, 2017 | SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php. | ||
| CVE-2017-14147 | Cri | 0.72 | 9.8 | 0.66 | Sep 7, 2017 | An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper… |
- risk 0.64cvss 9.8epss 0.03
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
- risk 0.64cvss 9.8epss 0.03
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
- risk 0.64cvss 9.8epss 0.02
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
- risk 0.64cvss 9.8epss 0.02
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
- risk 0.64cvss 9.8epss 0.03
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
- risk 0.64cvss 9.8epss 0.03
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
- risk 0.64cvss 9.8epss 0.03
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
- risk 0.64cvss 9.8epss 0.03
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
- risk 0.64cvss 9.8epss 0.02
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
- risk 0.64cvss 9.8epss 0.03
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
- risk 0.64cvss 9.8epss 0.02
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
- risk 0.59cvss 9.1epss 0.03
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability…
- risk 0.64cvss 9.8epss 0.05
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting…
- risk 0.64cvss 9.8epss 0.02
D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the Alphanetworks account upon device reset, which allows remote attackers to obtain root access via a TELNET session.
- risk 0.64cvss 9.8epss 0.01
register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not require authentication, which can result in unintended enrollment in mydlink Cloud Services.
- risk 0.64cvss 9.8epss 0.05
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
- risk 0.64cvss 9.8epss 0.02
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.
- risk 0.64cvss 9.8epss 0.02
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.
- risk 0.64cvss 9.8epss 0.01
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account.
- risk 0.64cvss 9.8epss 0.01
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.
- risk 0.64cvss 9.8epss 0.01
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input validation in include/function.php.
- risk 0.64cvss 9.8epss 0.01
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.
- risk 0.66cvss 9.8epss 0.28
The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows…
- risk 0.64cvss 9.8epss 0.02
AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability.
- risk 0.60cvss 9.8epss 0.03
In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php.
- risk 0.64cvss 9.8epss 0.02
EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.
- risk 0.64cvss 9.8epss 0.02
upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
- risk 0.64cvss 9.8epss 0.01
SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php.
- risk 0.64cvss 9.0epss 0.37
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE:…
- risk 0.64cvss 9.8epss 0.02
Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset."
- risk 0.64cvss 9.8epss 0.01
Multiple SQL injection vulnerabilities in the User Dashboard module 7.x before 7.x-1.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
- risk 0.64cvss 9.3epss 0.04
Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute…
- risk 0.64cvss 9.8epss 0.02
The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted…
- risk 0.64cvss 9.8epss 0.02
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.
- risk 0.64cvss 9.8epss 0.04
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
- risk 0.64cvss 9.8epss 0.01
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060.
- risk 0.57cvss 9.8epss 0.01
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter.
- risk 0.57cvss 9.8epss 0.01
SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter.
- risk 0.59cvss 9.1epss 0.02
In the mboxlist_do_find function in imap/mboxlist.c in Cyrus IMAP before 3.0.4, an off-by-one error in prefix calculation for the LIST command caused use of uninitialized memory, which might allow remote attackers to obtain sensitive information or cause a denial of service…
- risk 0.64cvss 9.8epss 0.02
A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An…
- risk 0.64cvss 9.8epss 0.02
A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. The application is vulnerable to…
- risk 0.64cvss 9.8epss 0.01
Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php.
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability in Sefrengo before 1.6.5 beta2.
- risk 0.64cvss 9.8epss 0.02
Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions.
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability in Pragyan CMS 3.0.
- risk 0.64cvss 9.8epss 0.05
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
- risk 0.67cvss 9.8epss 0.08
SQL injection vulnerability in WordPress Community Events plugin before 1.4.
- risk 0.67cvss 9.8epss 0.04
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
- risk 0.72cvss 9.8epss 0.66
An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper…