Vulnerabilities > Peplink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-28 | CVE-2023-49228 | Use of Hard-coded Credentials vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 6.4 |
2023-12-28 | CVE-2023-49229 | Missing Authorization vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 4.3 |
2023-12-28 | CVE-2023-49230 | Missing Authorization vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 8.8 |
2023-12-25 | CVE-2023-49226 | Command Injection vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 7.2 |
2023-10-11 | CVE-2023-27380 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
2023-10-11 | CVE-2023-28381 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
2023-10-11 | CVE-2023-34354 | Cross-site Scripting vulnerability in Peplink Surf Soho Firmware 6.3.5 A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 5.4 |
2023-10-11 | CVE-2023-34356 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
2023-10-11 | CVE-2023-35193 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |
2023-10-11 | CVE-2023-35194 | OS Command Injection vulnerability in Peplink Surf Soho Firmware 6.3.5 An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). | 8.8 |