Home / Advisories

Advisories

KLCERT-18-016: Eltex ESR-200 Router Default Password Usage

17 August 2018

An attacker without authentication can login with default credentials for privileged users.
KLCERT-18-015: Eltex ESR-200 Router Unsecure sudo Configuration

17 August 2018

A authenticated attacker with low privileges can use unsecure sudo configuration to expand attack surface.
KLCERT-18-014: Eltex ESR-200 Router Build-in user with highest privileges

17 August 2018

A authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface.
KLCERT-18-013: Eltex ESR-200 Router Information Disclosure

17 August 2018

A authenticated attacker with low privileges can extract password hash information for all users.
KLCERT-18-012: Eltex ESR-200 Router command injection

17 August 2018

A authenticated attacker can execute arbitrary code using command ejection.
KLCERT-18-011: Kraftway-24F2XG Router Outdated Certificate Usage

17 August 2018

Usage of SSLv2 and SSLv3 contain cryptographic weaknesses and cause data decryption.
KLCERT-18-010: Kraftway-24F2XG Router Denial of Service

17 August 2018

A Buffer Overflow exploited through web interface by remote attacker cause denial of service.
KLCERT-18-009: Kraftway-24F2XG Router Possible Remote Code Execution

17 August 2018

A Buffer Overflow exploited through web interface by remote attacker can cause remote code execution.
KLCERT-18-008: Kraftway-24F2XG Router Denial of Service

17 August 2018

A remote attacker with low privileges can cause denial of service.
KLCERT-18-007: Kraftway-24F2XG Router Denial of Service

17 August 2018

A remote attacker can craft a malicious link and send it to a privileged user. This can cause denial of service.