Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-2mwj-jf28-g57f

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE
View on GitHub

Advisory Details

CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.

Related CVEs

CVE-2017-8836

Key Information

GHSA ID
GHSA-2mwj-jf28-g57f
Published
May 17, 2022 2:14 AM
Last Modified
April 20, 2025 3:38 AM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: August 30, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.