CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-1168
https://notcve.org/view.php?id=CVE-2016-1168
01 Apr 2016 — Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users. Vulnerabilidad de CSRF en dispositivos NEC Aterm WF800HP con firmware 1.0.17 y versiones anteriores permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios. • http://jpn.nec.com/security-info/secinfo/nv16-004.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 94%CPEs: 62EXPL: 2CVE-2014-8361 – Realtek SDK Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2014-8361
24 Apr 2015 — The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar código arbitrario a través de una solicitud NewInternalClient manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific... • https://packetstorm.news/files/id/132090 •