Skip to main content
CVE-2021-20133 MEDIUM POC This Month

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service D-Link Path Traversal Dir 2640 Us Firmware
NVD
CVSS 3.1
6.1
EPSS
2.1%
CVE-2021-45818 MEDIUM POC This Month

SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Code Injection Safari Montage
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-4183 MEDIUM POC PATCH This Month

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Wireshark Fedora +2
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2021-43862 MEDIUM POC PATCH This Month

jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Jquery Terminal
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2021-20150 MEDIUM POC THREAT This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tew 827Dru Firmware
NVD
CVSS 3.1
5.3
EPSS
40.1%
CVE-2021-23147 MEDIUM This Month

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-20169 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-20168 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2021-20161 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tew 827Dru Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-20153 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Tew 827Dru Firmware
NVD
CVSS 3.1
6.8
EPSS
1.0%
CVE-2021-20156 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Jwt Attack Tew 827Dru Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-20152 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tew 827Dru Firmware
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-38876 MEDIUM PATCH This Month

IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-45815 MEDIUM This Month

Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uc20 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-20171 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-43861 MEDIUM PATCH This Month

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Mermaid
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-20164 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Tew 827Dru Firmware
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2021-20163 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Tew 827Dru Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-20162 MEDIUM This Month

Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Tew 827Dru Firmware
NVD
CVSS 3.1
4.9
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy