Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPeplink 1350hw2 Firmware
OSPeplink7.0.1Peplink 2500 Firmware
OSPeplink7.0.1Peplink 380hw6 Firmware
OSPeplink7.0.1Peplink 580hw2 Firmware
OSPeplink7.0.1Peplink 710hw3 Firmware
OSPeplink7.0.1Peplink B305hw2 Firmware
OSPeplink7.0.1Peplink Balance 1350
HWPeplinkwszystkie wersjePeplink Balance 2500
HWPeplinkwszystkie wersjePeplink Balance 305
HWPeplinkwszystkie wersjePeplink Balance 380
HWPeplinkwszystkie wersjePeplink Balance 580
HWPeplinkwszystkie wersjePeplink Balance 710
HWPeplinkwszystkie wersje
Powiązane podatności
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b30...
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filem...
CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380h...
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware bef...
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-...