Balance two firmware
This hub aggregates every CVE we track for Balance two firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Balance two firmware.
- CVE-2023-49229An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information abo...4.3
- CVE-2023-49230An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication.8.8
- CVE-2023-49228An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execu...6.4
- CVE-2023-49226An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary comman...7.2
- CVE-2020-24246Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filemanager/php/connector.php) from Web Admin.7.5
Product normalization is registry-driven with AI assist and human review. How it works