12 matches found
EUVD-2021-8039
Malicious code in bioql PyPI...
EUVD-2021-8040
Malicious code in bioql PyPI...
CVE-2021-20622
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2021-20621
Cross-site request forgery CSRF vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2021-20622
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2021-20622
Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2021-20621
CVE-2021-20621 is a CSRF vulnerability reported in NEC Aterm WG2600HP and WG2600HP2 devices (firmware version ≤ 1.0.2). The issue could allow remote attackers to hijack the authentication of administrators via unspecified vectors. Publicly available connected documents confirm the affected produc...
CVE-2021-20622
CVE-2021-20622 is a Cross-site Scripting (XSS) vulnerability in NEC Aterm WG2600HP and WG2600HP2 devices (firmware ≤ Ver1.0.2). The issue allows remote attackers to inject arbitrary scripts that run in a user’s browser via unspecified vectors. Public documentation lists affected products as Aterm...
Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
Overview Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 provided by NEC Corporation contain multiple vulnerabilities. Aterm WF800HP: Cross-site Scripting CWE-79 - CVE-2021-20620 Aterm WG2600HP and Aterm WG2600HP2: Improper Access Control CWE-284 - CVE-2017-12575 Cross-Site Request Forgery...
JVN#38248512: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 provided by NEC Corporation contain multiple vulnerabilities listed below. Aterm WF800HP: Cross-site Scripting CWE-79 - CVE-2021-20620 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...
Cross-Site Scripting Vulnerability in Multiple NEC Aterm Products
The NEC Aterm WG2600HP and others are a wireless router from NEC Corporation of Japan. A cross-site scripting vulnerability exists in multiple Aterm products, which stems from a lack of proper validation of client-side data by the WEB application. The vulnerability can be exploited by an attacker...