CVE-2023-40146
- EPSS 1.01%
- Veröffentlicht 17.04.2024 13:15:07
- Zuletzt bearbeitet 04.11.2025 19:15:55
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate...
CVE-2023-43491
- EPSS 0.6%
- Veröffentlicht 17.04.2024 13:15:07
- Zuletzt bearbeitet 04.11.2025 19:15:59
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can ma...
CVE-2023-45209
- EPSS 0.65%
- Veröffentlicht 17.04.2024 13:15:07
- Zuletzt bearbeitet 04.11.2025 19:15:59
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker c...
CVE-2023-45744
- EPSS 0.75%
- Veröffentlicht 17.04.2024 13:15:07
- Zuletzt bearbeitet 04.11.2025 19:16:01
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthentic...
CVE-2023-39367
- EPSS 3.85%
- Veröffentlicht 17.04.2024 13:15:06
- Zuletzt bearbeitet 04.11.2025 19:15:54
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP re...