MEDIUM🇬🇧 English

CVE-2024-40112

CVSS 5.9v3.1pub. 2025-06-02upd. 2025-06-25

A Local File Inclusion (LFI) vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before, which allows an attacker to manipulate the "language" cookie to include arbitrary files from the server. This vulnerability can be exploited to disclose sensitive information.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Sitecom Wlx 2006

    HW
    Sitecom
    wszystkie wersje
  • Sitecom Wlx 2006 Firmware

    OS
    Sitecom
    ≤ 1.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-40113MEDIUM6.5ten sam produkt

Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials.

CVE-2024-40114MEDIUM6.1ten sam produkt

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before ...

CVE-2011-4501HIGH10.0ten sam vendor

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg...

CVE-2011-4502HIGH10.0ten sam vendor

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg...

CVE-2011-4503HIGH7.5ten sam vendor

The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbit...

CVE-2024-40112 — MEDIUM 5.9 | CVEbaza.pl