CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-30403
https://notcve.org/view.php?id=CVE-2023-30403
02 May 2023 — An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user. • https://dl.packetstormsecurity.net/2305-exploits/aigitalwnr-bypass.txt • CWE-613: Insufficient Session Expiration •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-30405
https://notcve.org/view.php?id=CVE-2023-30405
28 Apr 2023 — A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl_ssid parameter at /boafrm/formHomeWlanSetup. • https://packetstormsecurity.com/files/172057/Aigital-Wireless-N-Repeater-Mini_Router.0.131229-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-30404
https://notcve.org/view.php?id=CVE-2023-30404
25 Apr 2023 — Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request. • http://aigital.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •