CM5100-511

CVEs (20)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-46383	Nitinronge91 Sensitive Information Disclosure Via Spi Flash Firmware For Hathway Router Cve 2024 46383	Low	0.16	2.4	0.01	Nov 15, 2024	Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.
CVE-2024-44815	Skyworth CM5100-511		0.01	—	0.11	Sep 10, 2024	Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to obtain user credentials via SPI flash Firmware W25Q64JV.
CVE-2023-51743	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Set Upstream Channel ID (UCID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted…
CVE-2023-51742	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Add Downstream Frequency parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to…
CVE-2023-51741	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
CVE-2023-51739	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51738	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51737	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51736	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51735	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51732	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51731	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter…
CVE-2023-51730	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51729	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51727	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51726	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Server Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51725	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Contact Email Address parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to…
CVE-2023-51721	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51720	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51719	Skyworth CM5100-511		0.00	—	0.00	Jan 17, 2024	This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

CVE-2024-46383LowNov 15, 2024
Nitinronge91
Sensitive Information Disclosure Via Spi Flash Firmware For Hathway Router Cve 2024 46383
risk 0.16cvss 2.4epss 0.01
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.
CVE-2024-44815Sep 10, 2024
Skyworth
CM5100-511
risk 0.01cvss —epss 0.11
Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to obtain user credentials via SPI flash Firmware W25Q64JV.
CVE-2023-51743Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Set Upstream Channel ID (UCID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted…
CVE-2023-51742Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Add Downstream Frequency parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to…
CVE-2023-51741Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
CVE-2023-51739Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51738Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51737Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51736Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51735Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51732Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51731Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter…
CVE-2023-51730Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51729Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51727Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51726Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Server Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51725Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Contact Email Address parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to…
CVE-2023-51721Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51720Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
CVE-2023-51719Jan 17, 2024
Skyworth
CM5100-511
risk 0.00cvss —epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…