VYPR

WLD71-T1

by Comtrend

CVEs (4)

  • CVE-2024-2414HigMar 13, 2024
    risk 0.57cvss 8.8epss 0.00

    The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges.

  • CVE-2024-5785HigJun 10, 2024
    risk 0.52cvss 8.0epss 0.01

    Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability could allow an authenticated user to execute commands inside the router by making a POST request to the URL “/boaform/admin/formUserTracert”.

  • CVE-2024-5786MedJun 10, 2024
    risk 0.42cvss 6.5epss 0.00

    Cross-Site Request Forgery vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application to which he is authenticated.

  • CVE-2024-2416MedMar 13, 2024
    risk 0.42cvss 6.5epss 0.00

    Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ES_WLD71-T1_v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated.