Balance
by Peplink
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8835 | Cri | 0.72 | 9.8 | 0.64 | Jun 5, 2017 | SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by… | ||
| CVE-2017-8837 | Cri | 0.68 | 9.8 | 0.11 | Jun 5, 2017 | Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is… | ||
| CVE-2017-8836 | Hig | 0.60 | 8.8 | 0.01 | Jun 5, 2017 | CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in… | ||
| CVE-2017-8841 | Hig | 0.56 | 8.1 | 0.04 | Jun 5, 2017 | Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the… | ||
| CVE-2017-8839 | Med | 0.43 | 6.1 | 0.02 | Jun 5, 2017 | XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi. | ||
| CVE-2017-8838 | Med | 0.43 | 6.1 | 0.02 | Jun 5, 2017 | XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi. | ||
| CVE-2017-8840 | Med | 0.38 | 5.3 | 0.04 | Jun 5, 2017 | Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA… | ||
| CVE-2023-49230 | 0.02 | — | 0.31 | Dec 28, 2023 | An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication. | |||
| CVE-2023-49229 | 0.00 | — | 0.00 | Dec 28, 2023 | An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration. | |||
| CVE-2023-49228 | 0.00 | — | 0.00 | Dec 28, 2023 | An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root. | |||
| CVE-2023-49226 | 0.00 | — | 0.01 | Dec 25, 2023 | An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root. | |||
| CVE-2020-24246 | 0.00 | — | 0.01 | Oct 7, 2020 | Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin. |
- risk 0.72cvss 9.8epss 0.64
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by…
- risk 0.68cvss 9.8epss 0.11
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is…
- risk 0.60cvss 8.8epss 0.01
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in…
- risk 0.56cvss 8.1epss 0.04
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the…
- risk 0.43cvss 6.1epss 0.02
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.
- risk 0.43cvss 6.1epss 0.02
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.
- risk 0.38cvss 5.3epss 0.04
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA…
- CVE-2023-49230Dec 28, 2023risk 0.02cvss —epss 0.31
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication.
- CVE-2023-49229Dec 28, 2023risk 0.00cvss —epss 0.00
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration.
- CVE-2023-49228Dec 28, 2023risk 0.00cvss —epss 0.00
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root.
- CVE-2023-49226Dec 25, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root.
- CVE-2020-24246Oct 7, 2020risk 0.00cvss —epss 0.01
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.