CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6144 – Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6144
18 Jun 2024 — Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://www.zerodayinitiative.com/advisories/ZDI-24-807 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6145 – Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6145
18 Jun 2024 — Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. A crafted Cookie header in an HTTP request can trigger the use of a format specifier from a user-supplied string. • https://www.zerodayinitiative.com/advisories/ZDI-24-808 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6142 – Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6142
18 Jun 2024 — Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. • https://www.zerodayinitiative.com/advisories/ZDI-24-805 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6146 – Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6146
18 Jun 2024 — Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://www.zerodayinitiative.com/advisories/ZDI-24-809 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6143 – Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-6143
18 Jun 2024 — Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. • https://www.zerodayinitiative.com/advisories/ZDI-24-806 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3097
https://notcve.org/view.php?id=CVE-2013-3097
13 Nov 2019 — Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. Vulnerabilidad de tipo cross-site scripting (XSS) no especificada en el router Verizon FIOS Actiontec MI424WR-GEN3I.. • http://www.securityfocus.com/bid/59479 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2CVE-2019-12789 – Telus Actiontec T2200H Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-12789
12 Jun 2019 — An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the attacker can mount the filesystem read-write and make permanent modifications to the device including bricking of the device, disabling vendor management of the device, preventing automatic upgrades, and permanently installing ... • https://packetstorm.news/files/id/153271 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2018-15557 – Telus Actiontec WEB6000Q Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-15557
12 Jun 2019 — An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat. Se descubrió un problema en el controlador WiFi Quantenna en dispositivos Telus Actiontec WEB6000Q v1.1.02.22. Un atacante puede establecer su IP de forma estática a cualquier cosa en la subred 169.254.1.0/24 y obtener acceso al root conectánd... • https://packetstorm.news/files/id/153262 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 3CVE-2018-15556 – Telus Actiontec WEB6000Q Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-15556
12 Jun 2019 — The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers. El Quantenna WiFi Controller en Telus Actiontec WEB6000Q v1.1.02.22 permite el inicio de sesión con acceso de nivel root con el usuario "root" y una contraseña vacía utilizando los encabezados UART integrados habilitados. Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from both local and remote privilege escal... • https://packetstorm.news/files/id/153262 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-15555 – Telus Actiontec WEB6000Q Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-15555
12 Jun 2019 — On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers. En los dispositivos Telus Actiontec WEB6000Q versión v1.1.02.22 un atacante puede iniciar sesión con acceso de nivel root con el usuario "root" y una contraseña "admin" utilizando los encabezados UART integrados habilitados. Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from both local and remote privilege escalation vuln... • https://packetstorm.news/files/id/153262 • CWE-662: Improper Synchronization •