Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Evenroute IQrouter 授权问题漏洞
Vulnerability Description
Evenroute IQrouter是美国Evenroute公司的一款智能路由器。 Evenroute IQrouter 3.3.1及之前版本中的Web面板中的‘diag_set_password’函数存在安全漏洞。远程攻击者可利用该漏洞任意更改root账户密码。
CVSS Information
N/A
Vulnerability Type
N/A