6 matches found
EUVD-2019-6606
Malware in sbrugna...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
Design/Logic Flaw
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
PT-2020-9752 · Comba · Comba Ac2400
Name of the Vulnerable Software and Affected Versions: Comba AC2400 devices affected versions not specified Description: The issue allows for password disclosure through a crafted request to the "/09/business/upgrade/upcfgAction.php?download=true" API endpoint. This request does not require...