prolink2u 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-56498 | An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit this flaw by injecting arbitrary system commands, which are executed by the underlying operating system with root privileges. The router uses the Boa web server (version 0.93.15) to handle the request. S | [email protected] | 5.3 | 1.72% | 2025-09-03 | 2026-06-17 |
| CVE-2022-46637 | Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services. | [email protected] | 9.8 | 1.52% | 2023-02-21 | 2026-06-17 |