692 matches found
CVE-2007-2334
The CVE-2007-2334 issue affects Nortel VPN Router (Contivity) 1000/2000/4000/5000 prior to specific firmware revisions: 5_05.149, 5_05.304 for 5_05.x line, and 6.x prior to 6_05.140. The vulnerability arises from two template HTML files that lack certain verification tags, enabling remote attacke...
CVE-2007-2334
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via...
CVE-2006-6946
CVE-2006-6946 affects NEC MultiWriter 1700C?built-in web server. The vulnerability is an authentication bypass allowing remote attackers to modify the device’s configuration via the web interface. Connected JVN entry confirms that unauthorized users could change the system configuration; no mitig...
CVE-2006-6946
The web server in the NEC MultiWriter 1700C allows remote attackers to modify the device configuration via unspecified vectors...
D-Link DWL Series Access-Point 2.10na - Config Disclosure
D-Link DWL Series Access-Point 2.10na - Config Disclosure ADVISORY/0206 - D-Link Wireless Access-Point DWL-2100ap INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY http://www.intruders.com.br/ , http://www.intruders.org.br/ Making a HTTP request to the /cgi-bin/ directory, the Web server will...
D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln
No description provided by source. ADVISORY/0206 - D-Link Wireless Access-Point DWL-2100ap INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY http://www.intruders.com.br/ , http://www.intruders.org.br/ Making a HTTP request to the /cgi-bin/ directory, the Web server will return error 404 Page not...
CVE-2005-1578
EnCase Forensic Edition 4.18a is affected by CVE-2005-1578, which describes that the product does not support Device Configuration Overlays (DCO). The underlying impact is that DCO non-support could allow an attacker to hide information without detection, with a CVSSv2 base score of 2.1 (LOW) and...
CVE-2004-1776
Cisco IOS 12.13 and 12.13T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification DOCSIS standard...
CVE-2004-1775
Cisco VACM View-based Access Control MIB for Catalyst Operating Software CatOS 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string...
Multiple Symantec security appliances do not allow the SNMP read-write community string to be changed
Overview A vulnerability exists in multiple Symantec security appliances that could allow a remote attacker to modify the configuration of the device using SNMP. Description The Simple Network Management Protocol SNMP enables network and system administrators to remotely monitor and configure...
D-Link AirPlus DI-614+ / DI-624 / DI-704 - DHCP Log HTML Injection
source: https://www.securityfocus.com/bid/10587/info It is reported that the DI-614+, DI-704, and the DI-624 are susceptible to an HTML injection vulnerability in their DHCP log. An attacker who has access to the wireless, or internal network segments of the router can craft malicious DHCP...
Cisco CatOS VACM read-write Community String Device Configuration Manipulation
It is possible to obtain the remote private community strings using the View-Based Access Control MIB VACM of the remote Cisco router. An attacker may use this flaw to gain read/write SNMP access on this router. Note that a value in this table does not necessarily mean that an instance with the...