Aggregates CVE and security vulnerability intelligence across all ikuai8-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk command injection and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-34849 | An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1. | [email protected] | 9.8 | 1.32% | 2023-06-29 | 2024-11-21 |
| CVE-2022-40469 | iKuai OS v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability. | [email protected] | 8.8 | 4.88% | 2022-10-12 | 2025-05-15 |
| CVE-2021-28075 | iKuaiOS 3.4.8 Build 202012291059 has an arbitrary file download vulnerability, which can be exploited by attackers to obtain sensitive information. | [email protected] | 7.5 | 0.39% | 2021-04-06 | 2024-11-21 |