Skip to main content

Ikuaios

3 CVEs product

Monthly

CVE-2023-34849 CRITICAL POC Act Now

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ikuaios
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2022-40469 HIGH POC This Week

iKuai OS v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ikuaios
NVD GitHub
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-28075 HIGH This Week

iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ikuaios
NVD
CVSS 3.1
7.5
EPSS
1.0%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ikuaios
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

iKuai OS v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Ikuaios
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ikuaios
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy