Lucene search
K

28 matches found

Prion
Prion
added 2017/09/11 9:29 a.m.18 views

Cross site request forgery (csrf)

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

6.8CVSS8.6AI score0.00743EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2017/09/11 9:29 a.m.23 views

CVE-2017-14267

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

8.8CVSS8.7AI score0.00743EPSS
Exploits1References7
Cvelist
Cvelist
added 2017/09/11 9:0 a.m.26 views

CVE-2017-14267

EE 4GEE WiFi MBB before EE600005.0031 devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings...

8.7AI score0.00743EPSS
Exploits1References7
Cvelist
Cvelist
added 2017/09/11 9:0 a.m.24 views

CVE-2017-14268

EE 4GEE WiFi MBB before EE600005.0031 devices have XSS in the smscontent parameter in a getSMSlist request...

6.1AI score0.00724EPSS
Exploits1References2
CVE
CVE
added 2017/09/11 9:0 a.m.52 views

CVE-2017-14268

CVE-2017-14268 affects EE 4GEE WiFi MBB devices (before EE60_00_05.00_31). A Cross-Site Scripting (XSS) vulnerability exists in the sms_content parameter of a getSMSlist request. Exploitation context and impact are limited in the provided documents to input‑based script injection; no further expl...

6.1CVSS6AI score0.00724EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/09/11 9:0 a.m.60 views

CVE-2017-14269

CVE-2017-14269 affects EE 4GEE WiFi MBB devices (before EE60_00_05.00_31). The vulnerability allows remote attackers to obtain sensitive data via a JSONP endpoint, demonstrated as passwords and SMS content exposure. The root cause is an insecure JSONP/endpoint handling that leaks confidential inf...

9.8CVSS8.9AI score0.01626EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/09/11 9:0 a.m.64 views

CVE-2017-14267

EE 4GEE WiFi MBB devices (before EE60_00_05.00_31) are affected by a Cross‑Site Request Forgery (CSRF) vulnerability in admin actions exposed via goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings. The issue enables un...

8.8CVSS8.6AI score0.00743EPSS
Exploits1References7Affected Software1
0day.today
0day.today
added 2017/09/09 12:0 a.m.46 views

EE 4GEE Wireless Router EE60_00_05.00_25 XSS / CSRF / Disclosure Vulnerabilities

EE 4GEE wireless router version EE600005.0025 suffers from cross site request forgery, cross site scripting, and information disclosure vulnerabilities. EE 4GEE Wireless Router - Multiple Security Vulnerabilities Advisory ------------------------------------------------- Hardware Version/Model:...

Exploits0
Rows per page
Query Builder