VYPR
Vendor

Pix-Link

Products
4
CVEs
7
Across products
7
Status
Private

Products

4

Recent CVEs

7
  • CVE-2024-46280HigSep 30, 2024
    risk 0.57cvss 8.8epss 0.00

    PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them.

  • CVE-2025-12387MedJan 27, 2026
    risk 0.45cvss epss 0.01

    A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service (DoS) by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js…

  • CVE-2025-12386MedJan 27, 2026
    risk 0.45cvss epss 0.01

    Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but…

  • CVE-2021-43728May 20, 2022
    risk 0.00cvss epss 0.01

    Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter.

  • CVE-2021-43729May 20, 2022
    risk 0.00cvss epss 0.01

    Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter.

  • CVE-2020-24104Aug 30, 2020
    risk 0.00cvss epss 0.01

    XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router.20170904 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID, as demonstrated by the wireless.htm SET2 parameter.

  • CVE-2019-11877Jun 10, 2019
    risk 0.00cvss epss 0.01

    XSS on the PIX-Link Repeater/Router LV-WR09 with firmware v28K.MiniRouter.20180616 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID.