Vulnerabilities > Comba > Ac2400 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2019-15654 Missing Authentication for Critical Function vulnerability in Comba Ac2400 Firmware
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server.
network
low complexity
comba CWE-306
7.5
7.5