7 matches found
CVE-2023-49260
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
EUVD-2023-53262
Malicious code in bioql PyPI...
CVE-2023-49260
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
Path traversal
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
CVE-2023-49260 Stored cross-site scripting vulnerability
An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminaltool.cgi" path. It can be used together with the vulnerability CVE-2023-49255...
CVE-2023-49255 Router console accessible without authentication
The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is currently logged in, the anonymous user can execute commands in the context of the authenticated...
CVE-2023-49255
Technical details about CVE-2023-49255 are not publicly available in the provided documents. Monitor for updates.