VYPR

Smart Reader

by Peplink

CVEs (5)

  • CVE-2023-43491Apr 17, 2024
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP…

  • CVE-2023-45209Apr 17, 2024
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated…

  • CVE-2023-45744Apr 17, 2024
    risk 0.00cvss epss 0.01

    A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger…

  • CVE-2023-39367Apr 17, 2024
    risk 0.00cvss epss 0.38

    An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2023-40146Apr 17, 2024
    risk 0.00cvss epss 0.01

    A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials…