[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":55,"vulnerability-2546":62},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},["Island",56],{"key":57,"params":58,"result":60},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":59},"{\"text-color\":\"gray\"}",{"head":61},{},{"id":63,"detectable_with":64,"vuln_details":71,"vuln_id":90,"name":91,"published":92,"updated":72},2546,{"tool":65,"engine":68},{"id":66,"name":67},1,"Network Scanner",{"id":69,"name":70},2,"Nuclei",{"id":63,"codename":72,"description":72,"severity":73,"risk_description":74,"public_description":75,"public_recommendation":76,"recommendation":72,"references":77,"cvssv3":83,"epss_score":84,"epss_percentile":85,"cve":86,"in_cisa_catalog":88,"date":89,"software_type":72,"vendor":72,"product":72,"ptt_exploit_capabilities":72},null,"high","The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from arbitrary files located on the file system of the server.","Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.","Update the firmware of the Xiaomi Mi WiFi R3G routers to the latest version, which includes a fix for the local file inclusion vulnerability.",[78,79,80,81,82],"https://ultramangaia.github.io/blog/2019/Xiaomi-Series-Router-Command-Execution-Vulnerability.html","https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC/blob/master/arbitrary_file_read_vulnerability.py","https://nvd.nist.gov/vuln/detail/CVE-2019-18371","https://github.com/password520/Penetration_PoC","https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC",7.5,0.55427,0.98908,[87],"CVE-2019-18371",false,"2019-10-23T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2019-18371","Xiaomi Mi WiFi R3G Routers - Local file Inclusion","2023-07-04T00:00:00Z"]