|
214261
|
9.8 |
CRITICAL
Network
|
tp-link
|
ac1750_firmware
|
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The speci…
|
NVD-CWE-Other
|
CVE-2020-10887
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214262
|
9.8 |
CRITICAL
Network
|
tp-link
|
ac1750_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this…
|
CWE-78
OS Command
|
CVE-2020-10886
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214263
|
9.8 |
CRITICAL
Network
|
tp-link
|
ac1750_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this…
|
CWE-20
Improper Input Validation
|
CVE-2020-10885
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214264
|
8.8 |
HIGH
Adjacent
|
tp-link
|
ac1750_firmware
|
This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to explo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-10884
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214265
|
7.8 |
HIGH
Local
|
tp-link
|
ac1750_firmware
|
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execu…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-10883
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214266
|
8.8 |
HIGH
Adjacent
|
tp-link
|
ac1750_firmware
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to ex…
|
CWE-78
OS Command
|
CVE-2020-10882
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214267
|
9.8 |
CRITICAL
Network
|
tp-link
|
ac1750_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10881
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214268
|
9.1 |
CRITICAL
Network
|
it-novum
|
openitcockpit
|
openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API Key for WebSocket connections.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-10788
|
2024-11-21 13:56 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214269
|
6.5 |
MEDIUM
Network
|
it-novum
|
openitcockpit
|
app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connect…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-10791
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214270
|
5.4 |
MEDIUM
Network
|
it-novum
|
openitcockpit
|
openITCOCKPIT before 3.7.3 has unnecessary files (such as Lodash files) under the web root, which leads to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10790
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
