Shodan
Vulnerabilities
Vulnerable Software
Corega:  Security Vulnerabilities
CVE-2017-10852
Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary code via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-03-09
CVE-2017-10853
Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-03-09
CVE-2017-10854
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-03-09
CVE-2017-10813
CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.003
Published
2017-09-15
CVE-2017-10814
Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.003
Published
2017-09-15
CVE-2016-7808
Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-06-09
CVE-2016-7809
Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-06-09
CVE-2016-7810
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.8
EPSS Score
0.005
Published
2017-06-09
CVE-2016-7811
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-06-09
CVE-2016-4824
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-06-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved