baroi-ai - Security Researcher - Exploit Intelligence Platform

CVE-2024-40119 NOMISEC HIGH WORKING POC

Nepstech Wifi Router xpon - CSRF

Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.

CVSS 8.8

View Code

CVE-2024-42657 NOMISEC HIGH WRITEUP

Wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 - Info Disclosure

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process

CVSS 7.5

View Code

CVE-2024-42658 NOMISEC CRITICAL WRITEUP

Wishnet Nepstech Wifi Router <1.0 - Info Disclosure

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter

CVSS 9.8

View Code