Peplink

peplink

23 CVEs • 118 products

Products (118)

Click to collapse

Toggle

B305hw2 Firmware

b305hw2_firmware

380hw6 Firmware

380hw6_firmware

580hw2 Firmware

580hw2_firmware

710hw3 Firmware

710hw3_firmware

1350hw2 Firmware

1350hw2_firmware

Surf Soho Firmware

surf_soho_firmware

Balance Two Firmware

balance_two_firmware

Smart Reader Firmware

smart_reader_firmware

Balance 20x Firmware

balance_20x_firmware

Balance 310x Firmware

balance_310x_firmware

Balance 30 Lte Firmware

balance_30_lte_firmware

Balance 20 Firmware

balance_20_firmware

Balance 30 Firmware

balance_30_firmware

Balance 30 Pro Firmware

balance_30_pro_firmware

Balance 50 Firmware

balance_50_firmware

Balance One Firmware

balance_one_firmware

Balance 210 Firmware

balance_210_firmware

Balance 310 Firmware

balance_310_firmware

Balance 305 Firmware

balance_305_firmware

Balance 380 Firmware

balance_380_firmware

Balance 580 Firmware

balance_580_firmware

Balance 710 Firmware

balance_710_firmware

Balance 1350 Firmware

balance_1350_firmware

Balance 2500 Firmware

balance_2500_firmware

Max Br1 Mk2 Firmware

max_br1_mk2_firmware

Max Br1 Classic Firmware

max_br1_classic_firmware

Max Br1 Slim Firmware

max_br1_slim_firmware

Max Br1 Mini Firmware

max_br1_mini_firmware

Max Br1 M2m Firmware

max_br1_m2m_firmware

Max Br1 Ent Firmware

max_br1_ent_firmware

Max Br1 Pro Firmware

max_br1_pro_firmware

Max Br1 Ip67 Firmware

max_br1__ip67_firmware

Max Br2 Firmware

max_br2_firmware

Max Br1 Ip55 Firmware

max_br1_ip55_firmware

Max Br2 Ip55 Firmware

max_br2_ip55_firmware

Max Hd2 Ip67 Firmware

max_hd2_ip67_firmware

Max Hd2 Mini Firmware

max_hd2_mini_firmware

Max Hd2 Firmware

max_hd2_firmware

Max Hd1 Dome Firmware

max_hd1_dome_firmware

Max Hd2 Dome Firmware

max_hd2_dome_firmware

Max Hd4 Firmware

max_hd4_firmware

Max Hd4 Ip67 Firmware

max_hd4_ip67_firmware

Max Transit Firmware

max_transit_firmware

Max Transit Duo Firmware

max_transit_duo_firmware

Max Transit Mini Firmware

max_transit_mini_firmware

Max Hotspot Firmware

max_hotspot_firmware

Max On The Go Firmware

max_on-the-go_firmware

Max 700 Firmware

max_700_firmware

Ubr Lte Firmware

ubr_lte_firmware

Surf Soho Mk3 Firmware

surf_soho_mk3_firmware

Mediafast 200 Firmware

mediafast_200_firmware

Mediafast 500 Firmware

mediafast_500_firmware

Mediafast 750 Firmware

mediafast_750_firmware

Mediafast Hd2 Firmware

mediafast_hd2_firmware

Mediafast Hd4 Firmware

mediafast_hd4_firmware

Speedfusion Sfe Firmware

speedfusion_sfe_firmware

Speedfusion Sfe Cam Firmware

speedfusion_sfe_cam_firmware

Fusionhub Firmware

fusionhub_firmware

Max Br1 Classic

max_br1_classic

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-8837 1Peplink 61350hw2 Firmware 2500 Firmware380hw6 Firmware+3 more May 13, 2026 Jun 5, 2017 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass an...Show more Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.Show less
CVE-2017-8836 1Peplink 61350hw2 Firmware 2500 Firmware380hw6 Firmware+3 more May 13, 2026 Jun 5, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. T...Show more CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The CGI scripts in the administrative interface are affected. This allows an attacker to execute commands, if a logged in user visits a malicious website. This can for example be used to change the credentials of the administrative webinterface.Show less
CVE-2017-8835 1Peplink 61350hw2 Firmware 2500 Firmware380hw6 Firmware+3 more May 13, 2026 Jun 5, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/...Show more SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database.Show less