54 matches found
Command injection
The web interface on FASTGate Fastweb devices with firmware through 0.00.47FW200Askey 2017-05-17 software through 1.0.1b exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is...
CVE-2018-20122
The CVE-2018-20122 entry concerns FASTGate Fastweb devices with firmware up to 0.00.47_FW_200_Askey (2017-05-17) and software up to 1.0.1b. The issue is a command injection vulnerability in a CGI binary exposed by the web interface, allowing remote code execution with root privileges. Notably, no...
CVE-2018-20122
The web interface on FASTGate Fastweb devices with firmware through 0.00.47FW200Askey 2017-05-17 software through 1.0.1b exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is...
Fastweb FASTGate modem unauthorized remote command execution vulnerability
Fastweb is a subnet of Swisscom, the main fixed line operator in Italy, and FASTGate is Fastweb's latest generation of modems. FASTGate is Fastweb's latest generation of modems. An unauthorized remote command execution vulnerability exists in the Fastweb FASTGate modem. An attacker can execute...
Fastweb FASTgate Cross-Site Request Forgery Vulnerability
The Fastweb FASTgate is a router device from the Italian company Fastweb. A cross-site request forgery vulnerability exists in Fastweb FASTgate version 0.00.47. A remote attacker can exploit this vulnerability to change the configuration, e.g., change the Wi-Fi password...
Cross site request forgery (csrf)
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
CVE-2018-6023
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
CVE-2018-6023
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc...
CVE-2018-6023
Affected product: Fastweb FASTgate 0.00.47 router. Vulnerability: Cross-site request forgery (CSRF) that allows attackers to modify configuration, including changing the Wi‑Fi password and activating Guest Wi‑Fi. Root cause: CSRF in the device’s web interface enabling unauthorized authenticated a...
Fastweb FASTGate 0.00.47 - Cross-site Request Forgery
Exploit for hardware platform in category web applications Exploit Title: Fastweb FASTgate 0.00.47 CSRF Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Fastweb Product Web Page: http://www.fastweb.it/adsl-fibra-ottica/dettagli/modem-fastweb-fastgate/ Version: 0.00.4...
Fastweb FASTGate 0.00.47 - Cross-Site Request Forgery
Exploit Title: Fastweb FASTgate 0.00.47 CSRF Date: 09-05-2018 Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Fastweb Product Web Page: http://www.fastweb.it/adsl-fibra-ottica/dettagli/modem-fastweb-fastgate/ Version: 0.00.47 CVE: CVE-2018-6023 I DESCRIPTION...
Fastweb FASTGate 0.00.47 Cross Site Request Forgery
Exploit Title: Fastweb FASTgate 0.00.47 CSRF Date: 09-05-2018 Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Fastweb Product Web Page: http://www.fastweb.it/adsl-fibra-ottica/dettagli/modem-fastweb-fastgate/ Version: 0.00.47 CVE: CVE-2018-6023 I DESCRIPTION...
Fastweb FASTGate 0.00.47 - Cross-Site Request Forgery
Fastweb FASTGate 0.00.47 - Cross-Site Request Forgery Exploit Title: Fastweb FASTgate 0.00.47 CSRF Date: 09-05-2018 Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Fastweb Product Web Page: http://www.fastweb.it/adsl-fibra-ottica/dettagli/modem-fastweb-fastgate/...
shop.fastweb.it Open Redirect vulnerability
Vulnerable URL: http://shop.fastweb.it/shop.php?p=;https://www.openbugbounty.org"%20http-equiv="refresh"%20"%20=6342=pr Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...