Juplink: >> Rx4-1500 Firmware >> 1.0.2 Security Vulnerabilities
Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint.
CVSS Score
8.0
EPSS Score
0.003
Published
2023-09-22
Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.
CVSS Score
8.0
EPSS Score
0.002
Published
2023-09-22
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated attackers to log in to the web interface or telnet service as the 'user' user.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-09-18
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.
CVSS Score
9.0
EPSS Score
0.001
Published
2023-08-23