Skip to main content
CVE-2017-8225 CRITICAL POC THREAT Emergency

On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 58.5%.

Authentication Bypass Wireless Ip Camera P2P Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
58.5%
Threat
5.2
CVE-2017-8224 CRITICAL POC THREAT Emergency

Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.9%.

Authentication Bypass Wireless Ip Camera P2P Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
11.9%
CVE-2017-8220 CRITICAL POC Act Now

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link RCE Command Injection C2 Firmware C20I Firmware
NVD
CVSS 3.0
9.9
EPSS
3.8%
CVE-2017-8218 CRITICAL POC Act Now

vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure C2 Firmware C20I Firmware
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-8110 CRITICAL Act Now

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE PHP Modified Ecommerce Shopsoftware
NVD
CVSS 3.1
10.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy