VYPR

Vendor CVEs

Peplink

All CVEs

23 total · sorted by risk
  • CVE-2017-8835CriJun 5, 2017
    risk 0.72cvss 9.8epss 0.62

    SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by…

  • CVE-2017-8837CriJun 5, 2017
    risk 0.67cvss 9.8epss 0.05

    Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is…

  • CVE-2017-8836HigJun 5, 2017
    risk 0.60cvss 8.8epss 0.02

    CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in…

  • CVE-2017-8841HigJun 5, 2017
    risk 0.56cvss 8.1epss 0.04

    Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the…

  • CVE-2017-8839MedJun 5, 2017
    risk 0.43cvss 6.1epss 0.02

    XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.

  • CVE-2017-8838MedJun 5, 2017
    risk 0.43cvss 6.1epss 0.02

    XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.

  • CVE-2017-8840MedJun 5, 2017
    risk 0.38cvss 5.3epss 0.04

    Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA…

  • CVE-2023-49230Dec 28, 2023
    risk 0.02cvss epss 0.02

    An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication.

  • CVE-2023-43491Apr 17, 2024
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP…

  • CVE-2023-45209Apr 17, 2024
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated…

  • CVE-2023-45744Apr 17, 2024
    risk 0.00cvss epss 0.01

    A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger…

  • CVE-2023-39367Apr 17, 2024
    risk 0.00cvss epss 0.38

    An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2023-40146Apr 17, 2024
    risk 0.00cvss epss 0.01

    A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials…

  • CVE-2023-49229Dec 28, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration.

  • CVE-2023-49228Dec 28, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root.

  • CVE-2023-49226Dec 25, 2023
    risk 0.00cvss epss 0.03

    An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root.

  • CVE-2023-34356Oct 11, 2023
    risk 0.00cvss epss 0.06

    An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

  • CVE-2023-28381Oct 11, 2023
    risk 0.00cvss epss 0.06

    An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

  • CVE-2023-27380Oct 11, 2023
    risk 0.00cvss epss 0.06

    An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

  • CVE-2023-34354Oct 11, 2023
    risk 0.00cvss epss 0.01

    A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an…

  • CVE-2023-35194Oct 11, 2023
    risk 0.00cvss epss 0.06

    An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2023-35193Oct 11, 2023
    risk 0.00cvss epss 0.06

    An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this…

  • CVE-2020-24246HigOct 7, 2020
    risk 0.00cvss 7.5epss 0.01

    Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.