Peplink Balance Two Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Peplink Balance Two Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-49230 — CVSS 8.8 (high): An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify…
CVE-2020-24246 — CVSS 7.5 (high): Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php)…
CVE-2023-49226 — CVSS 7.2 (high): An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console…
CVE-2023-49228 — CVSS 6.4 (medium): An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an…
CVE-2023-49229 — CVSS 4.3 (medium): An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows…