44 matches found
Input validation
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM Non-volatile RAM. It seems that the POST parameters passed in thi...
CVE-2017-8335
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM Non-volatile RAM. It seems that the POST parameters passed in thi...
CVE-2017-8336
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way...
CVE-2017-8336
The CVE-2017-8336 issue affects Securifi Almond, Almond+, and Almond 2015 devices running AL-R096. A vulnerable function in the goahead binary (MIPS little endian) processes POST parameters for creating routes; specifically, the POST parameter “gateway” can overflow the stack and allow an attacke...