EUVD-2019-9555

Malware in sbrugna...

CVE-2019-19967

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI...

Connect Box EuroDOCSIS 3.0 Voice Gateway 操作系统命令注入漏洞

The Connect Box EuroDOCSIS 3.0 Voice Gateway is a home voice gateway device. An operating system command injection vulnerability exists in Connect Box EuroDOCSIS 3.0 Voice Gateway that allows an attacker with privileges and network access to execute commands on the device via the ping.cmd compone...

CVE-2019-19967

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI...

Default credentials

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI...

CVE-2019-19967

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI...

CVE-2019-19967

The CVE-2019-19967 issue affects the Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH, where the Administration page accepts a cleartext password in a POST to port 80 via xml/setter.xml. This enables potential exposure of credentials over the network (confidentiality imp...