Vulnerabilities > Level1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-30 | CVE-2024-23309 | Reliance on IP Address for Authentication vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. | 8.1 |
| 2024-10-30 | CVE-2024-24777 | Cross-Site Request Forgery (CSRF) vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. | 8.8 |
| 2024-10-30 | CVE-2024-28052 | Incorrect Calculation of Buffer Size vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The WBR-6012 is a wireless SOHO router. | 7.5 |
| 2024-10-30 | CVE-2024-28875 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 8.1 |
| 2024-10-30 | CVE-2024-31151 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 9.8 |
| 2024-10-30 | CVE-2024-31152 | Allocation of Resources Without Limits or Throttling vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. | 7.5 |
| 2024-10-30 | CVE-2024-32946 | Cleartext Transmission of Sensitive Information vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks. | 5.9 |
| 2024-10-30 | CVE-2024-33603 | Unspecified vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such as memory addresses and IP addresses for login attempts. | 5.3 |
| 2024-10-30 | CVE-2024-33623 | Infinite Loop vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. | 7.5 |
| 2024-10-30 | CVE-2024-33626 | Unspecified vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page accessible by an HTTP request. | 5.3 |