Skip to main content
CVE-2015-7248 HIGH POC THREAT Act Now

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 35.4%.

Information Disclosure Zte Zxhn H108N R1A Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
35.4%
Threat
4.1
CVE-2015-7250 HIGH POC THREAT Act Now

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 20.2%.

Path Traversal Zte Zxhn H108N R1A Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
20.2%
CVE-2015-7788 HIGH This Week

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Wl 330Nul Firmware
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2015-5663 HIGH This Week

The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Winrar
NVD
CVSS 3.0
7.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy