Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

hwk-fr — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting hwk-fr. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Hwk-fr is a hardware keylogger designed for monitoring and capturing keystrokes on target systems. Historically, it has been associated with multiple critical vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insecure firmware implementations and inadequate input validation. The device has been exploited in various security incidents where attackers leveraged its weaknesses to gain unauthorized access or escalate privileges on compromised systems. With seven CVEs documented, hwk-fr presents significant security risks, particularly in environments where physical access to devices is possible. Its design and implementation have repeatedly demonstrated security shortcomings that could lead to complete system compromise.

Top products by hwk-fr: WP 404 Auto Redirect to Similar Post Advanced Custom Fields: Extended
CVE IDTitleCVSSSeverityPublished
CVE-2025-15463 Advanced Custom Fields: Extended <= 0.9.2.3 - Unauthenticated Arbitrary Shortcode Execution — Advanced Custom Fields: ExtendedCWE-94 6.5 Medium2026-05-12
CVE-2025-12037 WP 404 Auto Redirect <= 1.0.5 - Authenticated (Admin+) Stored Cross-Site Scripting — WP 404 Auto Redirect to Similar PostCWE-79 4.4 Medium2026-02-18
CVE-2025-14533 Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action — Advanced Custom Fields: ExtendedCWE-269 9.8 Critical2026-01-20
CVE-2025-13486 Advanced Custom Fields: Extended 0.9.0.5 - 0.9.1.1 - Unauthenticated Remote Code Execution in prepare_form — Advanced Custom Fields: ExtendedCWE-94 9.8 Critical2025-12-03
CVE-2024-32559 WordPress WP 404 Auto Redirect to Similar Post plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — WP 404 Auto Redirect to Similar PostCWE-79 7.1 High2024-04-18
CVE-2024-0509 WP 404 Auto Redirect to Similar Post <= 1.0.3 - Reflected Cross-Site Scripting via request — WP 404 Auto Redirect to Similar PostCWE-79 6.1 Medium2024-02-05
CVE-2023-5292 Advanced Custom Fields: Extended <= 0.8.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Advanced Custom Fields: ExtendedCWE-79 6.4 Medium2023-10-20
CVE-2023-40206 WordPress WP 404 Auto Redirect to Similar Post Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS) — WP 404 Auto Redirect to Similar PostCWE-79 5.9 Medium2023-09-04

This page lists every published CVE security advisory associated with hwk-fr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.