54 matches found
CVE-2020-13620
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration...
Cross site request forgery (csrf)
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration...
CVE-2020-13620
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration...
CVE-2020-13620
CVE-2020-13620 describes a cross-site request forgery (CSRF) vulnerability in Fastweb FASTGate GPON FGA2130FWB devices up to 2020-05-26, allowing an attacker to perform administrative actions by abusing the router’s web panel. Affected component is the router administration web interface; root ca...
Fastweb FASTGate 跨站请求伪造漏洞
Fastweb FASTGate is a modem from Fastweb Italy. A cross-site request forgery vulnerability exists in Fastweb FASTGate GPON FGA2130FWB version 2020-05-26 and prior versions that allows CSRF to manage web panels through the router, which could be exploited by an attacker to be able to perform...
Unspecified Vulnerability in Fastweb Askey RTV1907VW
The Fastweb Askey RTV1907VW is a router from Fastweb Italy. A security vulnerability exists in Fastweb Askey RTV1907VW version 0.00.81FW200Askey 2018-10-02 18:08:18. An attacker can exploit this vulnerability to inject and execute commands via HTTP request using the usbremove service...
CVE-2019-12489
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81FW200Askey 2018-10-02 18:08:18 devices. By using the usbremove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter...
CVE-2019-12489
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81FW200Askey 2018-10-02 18:08:18 devices. By using the usbremove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter...
Command injection
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81FW200Askey 2018-10-02 18:08:18 devices. By using the usbremove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter...
CVE-2019-12489
The connected CNVD entry confirms a concrete vulnerability in Fastweb Askey RTV1907VW devices (version 0.00.81_FW_200_Askey 2018-10-02 18:08:18) where the usb_remove service, invoked over HTTP, allows injecting and executing commands within the mount parameter. This is described as a command‑inje...
CVE-2019-12489
An issue was discovered on Fastweb Askey RTV1907VW 0.00.81FW200Askey 2018-10-02 18:08:18 devices. By using the usbremove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter...
Fastweb Fastgate 0.00.81 - Remote Code Execution
Fastweb Fastgate 0.00.81 - Remote Code Execution Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb...
Fastweb Fastgate 0.00.81 Remote Code Execution
Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb ISP network Version: 0.00.81 Tested on: Linux CV...
Fastweb Fastgate 0.00.81 - Remote Code Execution
Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb ISP network Version: 0.00.81 Tested on: Linux CV...
Fastweb Fastgate 0.00.81 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only fr...
Fastweb FASTGate Information Disclosure Vulnerability
Fastweb FASTGate is a modem from Fastweb Italy. An information disclosure vulnerability exists in Fastweb FASTGate version 1.0.1b, which can be exploited to view all web pages of the management console by changing the checkpwd return value from 0 to 1...
CVE-2019-18661
Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain checkpwd return value from 0 to 1. An attack does not achieve administrative control of a device; however, the attacker can view all of the web pages of the administration console...
Authentication flaw
Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain checkpwd return value from 0 to 1. An attack does not achieve administrative control of a device; however, the attacker can view all of the web pages of the administration console...
CVE-2019-18661
Fastweb FASTGate 1.0.1b is affected by an authentication bypass where a check_pwd return value can be altered from 0 to 1, enabling an attacker to view all pages of the administration console without achieving full administrative control. Root cause involves partial bypass of authentication; no e...
CVE-2019-18661
Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain checkpwd return value from 0 to 1. An attack does not achieve administrative control of a device; however, the attacker can view all of the web pages of the administration console...