← Back

Peplink

peplink

23 CVEs • 118 products

Products (118)

Click to collapse
Toggle
B305hw2 Firmware
b305hw2_firmware
7 CVEs
380hw6 Firmware
380hw6_firmware
7 CVEs
580hw2 Firmware
580hw2_firmware
7 CVEs
710hw3 Firmware
710hw3_firmware
7 CVEs
1350hw2 Firmware
1350hw2_firmware
7 CVEs
2500 Firmware
2500_firmware
7 CVEs
Surf Soho Firmware
surf_soho_firmware
7 CVEs
Balance Two Firmware
balance_two_firmware
5 CVEs
Smart Reader Firmware
smart_reader_firmware
5 CVEs
Balance 20x Firmware
balance_20x_firmware
1 CVE
Balance 310x Firmware
balance_310x_firmware
1 CVE
Mbx Firmware
mbx_firmware
1 CVE
Epx Firmware
epx_firmware
1 CVE
Sdx Firmware
sdx_firmware
1 CVE
Balance 30 Lte Firmware
balance_30_lte_firmware
1 CVE
Balance 20 Firmware
balance_20_firmware
1 CVE
Balance 30 Firmware
balance_30_firmware
1 CVE
Balance 30 Pro Firmware
balance_30_pro_firmware
1 CVE
Balance 50 Firmware
balance_50_firmware
1 CVE
Balance One Firmware
balance_one_firmware
1 CVE
Balance 210 Firmware
balance_210_firmware
1 CVE
Balance 310 Firmware
balance_310_firmware
1 CVE
Balance 305 Firmware
balance_305_firmware
1 CVE
Balance 380 Firmware
balance_380_firmware
1 CVE
Balance 580 Firmware
balance_580_firmware
1 CVE
Balance 710 Firmware
balance_710_firmware
1 CVE
Balance 1350 Firmware
balance_1350_firmware
1 CVE
Balance 2500 Firmware
balance_2500_firmware
1 CVE
Max Br1 Mk2 Firmware
max_br1_mk2_firmware
1 CVE
Max Br1 Classic Firmware
max_br1_classic_firmware
1 CVE
Max Br1 Slim Firmware
max_br1_slim_firmware
1 CVE
Max Br1 Mini Firmware
max_br1_mini_firmware
1 CVE
Max Br1 M2m Firmware
max_br1_m2m_firmware
1 CVE
Max Br1 Ent Firmware
max_br1_ent_firmware
1 CVE
Max Br1 Pro Firmware
max_br1_pro_firmware
1 CVE
Max Br1 Ip67 Firmware
max_br1__ip67_firmware
1 CVE
Max Br2 Firmware
max_br2_firmware
1 CVE
Max Br1 Ip55 Firmware
max_br1_ip55_firmware
1 CVE
Max Br2 Ip55 Firmware
max_br2_ip55_firmware
1 CVE
Max Hd2 Ip67 Firmware
max_hd2_ip67_firmware
1 CVE
Max Hd2 Mini Firmware
max_hd2_mini_firmware
1 CVE
Max Hd2 Firmware
max_hd2_firmware
1 CVE
Max Hd1 Dome Firmware
max_hd1_dome_firmware
1 CVE
Max Hd2 Dome Firmware
max_hd2_dome_firmware
1 CVE
Max Hd4 Firmware
max_hd4_firmware
1 CVE
Max Hd4 Ip67 Firmware
max_hd4_ip67_firmware
1 CVE
Max Transit Firmware
max_transit_firmware
1 CVE
Max Transit Duo Firmware
max_transit_duo_firmware
1 CVE
Max Transit Mini Firmware
max_transit_mini_firmware
1 CVE
Max Hotspot Firmware
max_hotspot_firmware
1 CVE
Max On The Go Firmware
max_on-the-go_firmware
1 CVE
Max 700 Firmware
max_700_firmware
1 CVE
Ubr Lte Firmware
ubr_lte_firmware
1 CVE
Surf Soho Mk3 Firmware
surf_soho_mk3_firmware
1 CVE
Mediafast 200 Firmware
mediafast_200_firmware
1 CVE
Mediafast 500 Firmware
mediafast_500_firmware
1 CVE
Mediafast 750 Firmware
mediafast_750_firmware
1 CVE
Mediafast Hd2 Firmware
mediafast_hd2_firmware
1 CVE
Mediafast Hd4 Firmware
mediafast_hd4_firmware
1 CVE
Speedfusion Sfe Firmware
speedfusion_sfe_firmware
1 CVE
Speedfusion Sfe Cam Firmware
speedfusion_sfe_cam_firmware
1 CVE
Fusionhub Firmware
fusionhub_firmware
1 CVE
Balance 305
balance_305
0 CVEs
Balance 380
balance_380
0 CVEs
Balance 580
balance_580
0 CVEs
Balance 710
balance_710
0 CVEs
Balance 1350
balance_1350
0 CVEs
Balance 2500
balance_2500
0 CVEs
Balance 20x
balance_20x
0 CVEs
Balance 310x
balance_310x
0 CVEs
Mbx
mbx
0 CVEs
Epx
epx
0 CVEs
Sdx
sdx
0 CVEs
Balance 30 Lte
balance_30_lte
0 CVEs
Balance 20
balance_20
0 CVEs
Balance 30
balance_30
0 CVEs
Balance 30 Pro
balance_30_pro
0 CVEs
Balance 50
balance_50
0 CVEs
Balance One
balance_one
0 CVEs
Balance Two
balance_two
0 CVEs
Balance 210
balance_210
0 CVEs
Balance 310
balance_310
0 CVEs
Max Br1 Mk2
max_br1_mk2
0 CVEs
Max Br1 Classic
max_br1_classic
0 CVEs
Max Br1 Slim
max_br1_slim
0 CVEs
Max Br1 Mini
max_br1_mini
0 CVEs
Max Br1 M2m
max_br1_m2m
0 CVEs
Max Br1 Ent
max_br1_ent
0 CVEs
Max Br1 Pro
max_br1_pro
0 CVEs
Max Br1 Ip67
max_br1__ip67
0 CVEs
Max Br2
max_br2
0 CVEs
Max Br1 Ip55
max_br1_ip55
0 CVEs
Max Br2 Ip55
max_br2_ip55
0 CVEs
Max Hd2 Ip67
max_hd2_ip67
0 CVEs
Max Hd2 Mini
max_hd2_mini
0 CVEs
Max Hd2
max_hd2
0 CVEs
Max Hd1 Dome
max_hd1_dome
0 CVEs
Max Hd2 Dome
max_hd2_dome
0 CVEs
Max Hd4
max_hd4
0 CVEs
Max Hd4 Ip67
max_hd4_ip67
0 CVEs

CVEs (23)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-45744
1Peplink
1Smart Reader Firmware
Nov 4, 2025
Apr 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An at...Show more
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-45209
1Peplink
1Smart Reader Firmware
Nov 4, 2025
Apr 17, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensit...Show more
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-43491
1Peplink
1Smart Reader Firmware
Nov 4, 2025
Apr 17, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive i...Show more
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-40146
1Peplink
1Smart Reader Firmware
Nov 4, 2025
Apr 17, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities...Show more
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocked default busybox functionality to trigger this vulnerability.Show less
CVE-2023-39367
1Peplink
1Smart Reader Firmware
Nov 4, 2025
Apr 17, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can...Show more
An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-49230
1Peplink
1Balance Two Firmware
Nov 21, 2024
Dec 28, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication.
CVE-2023-49229
1Peplink
1Balance Two Firmware
Nov 21, 2024
Dec 28, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configura...Show more
An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration.Show less
CVE-2023-49228
1Peplink
1Balance Two Firmware
Nov 21, 2024
Dec 28, 2023
N/A· v4
6.4 MEDIUM· v3
N/A· v2
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands a...Show more
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root.Show less
CVE-2023-49226
1Peplink
1Balance Two Firmware
Nov 21, 2024
Dec 25, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root.
CVE-2023-35194
1Peplink
1Surf Soho Firmware
Nov 4, 2025
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can mak...Show more
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset `0x4bde44`.Show less
CVE-2023-35193
1Peplink
1Surf Soho Firmware
Nov 4, 2025
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can mak...Show more
An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability is specifically for the `system` call in the file `/web/MANGA/cgi-bin/api.cgi` for firmware version 6.3.5 at offset 0x4bddb8.Show less
CVE-2023-34356
1Peplink
1Surf Soho Firmware
Nov 4, 2025
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authe...Show more
An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-34354
1Peplink
1Surf Soho Firmware
Nov 4, 2025
Oct 11, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to execution of arbitrary javascript in...Show more
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-28381
1Peplink
1Surf Soho Firmware
Nov 4, 2025
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make...Show more
An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2023-27380
1Peplink
1Surf Soho Firmware
Nov 21, 2024
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an aut...Show more
An OS command injection vulnerability exists in the admin.cgi USSD_send functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.Show less
CVE-2020-24246
1Peplink
55Balance 1350 Firmware
Balance 20 FirmwareBalance 20x Firmware+52 more
Nov 21, 2024
Oct 7, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.
CVE-2017-8841
1Peplink
61350hw2 Firmware
2500 Firmware380hw6 Firmware+3 more
May 13, 2026
Jun 5, 2017
N/A· v4
8.1 HIGH· v3
7.5 HIGH· v2
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path trav...Show more
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.Show less
CVE-2017-8840
1Peplink
61350hw2 Firmware
2500 Firmware380hw6 Firmware+3 more
May 13, 2026
Jun 5, 2017
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasy...Show more
Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, and Submitted syncid.Show less
CVE-2017-8839
1Peplink
61350hw2 Firmware
2500 Firmware380hw6 Firmware+3 more
May 13, 2026
Jun 5, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
XSS via orig_url exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is guest/preview.cgi.
CVE-2017-8838
1Peplink
61350hw2 Firmware
2500 Firmware380hw6 Firmware+3 more
May 13, 2026
Jun 5, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.