CVE-2017-18317

Restrictions related to the modem sim lock, sim kill can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A...

Design/Logic Flaw

Restrictions related to the modem sim lock, sim kill can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A...

CVE-2017-18317

CVE-2017-18317 affects Qualcomm closed‑source components in Snapdragon Automotive and Snapdragon Mobile (MSM8996AU, SD 410/12, SD 820, SD 820A). The issue allows bypass of modem restrictions (sim lock/sim kill) by manipulating the system to issue a deactivation flow sequence. The available docume...

CVE-2017-18317

Restrictions related to the modem sim lock, sim kill can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A...

CVE-2017-18317

Restrictions related to the modem sim lock, sim kill can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A...

ZyXEL VMG3312-B10B 1.00(AAPP.7) - Credential Disclosure

ZyXEL VMG3312-B10B 1.00AAPP.7 - Credential Disclosure Exploit Title: ZyXEL VMG3312-B10B - Leak Credentials "; else continue; else echo "pfff"; ftpclose$ftpconn; ?...

ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure Exploit

Exploit for hardware platform in category dos / poc Exploit Title: ZyXEL VMG3312-B10B - Leak Credentials "; else continue; else echo "pfff"; ftpclose$ftpconn; ? 0day.today 2018-10-31...

Race condition

When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 62...

Design/Logic Flaw

Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430...

CVE-2017-18308

Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430...

CVE-2017-18308

CVE-2017-18308 affects Qualcomm modem components in Snapdragon Mobile and Snapdragon Wear devices (MDM9607, MSM8909W, SD 210/212/205, SD 425, SD 430). The issue arises because modem segments become unlocked after authentication, leaving segments open to all. The impact is described as complete co...

CVE-2018-11305

CVE-2018-11305 describes a Use-After-Free condition in Qualcomm Snapdragon modems triggered by a sequence of FDAL messages. Affected products include Snapdragon Automotive, Mobile, and Wear platforms across the listed chipsets: MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU and multiple ...

CVE-2018-11305

When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 62...

CVE-2017-18308

Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430...

Fastweb FASTGate modem unauthorized remote command execution vulnerability

Fastweb is a subnet of Swisscom, the main fixed line operator in Italy, and FASTGate is Fastweb's latest generation of modems. FASTGate is Fastweb's latest generation of modems. An unauthorized remote command execution vulnerability exists in the Fastweb FASTGate modem. An attacker can execute...

Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability

A cross site scripting vulnerability has been discovered in the AIR5442 modem of the AirTies manufacturer. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5443v2 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...

Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability

A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5021 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...

Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability

A cross site scripting vulnerability has been discovered in the AIR5453 modem of the AirTies manufacturer. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5453 - Cross-site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...

Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability

A cross site scripting vulnerability has been discovered in the AIR5650 modem of the AirTies manufacturer. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5650 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...

Airties AIR5343v2 1.0.0.18 Cross Site Scripting

Exploit Title: Airties AIR5343v2 - Cross-Site Scripting Date: 25-09-2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.airties.com/ Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 Tested on: MacOS High Sierra / Linux Mint / Windows 10 CVE : CVE-2018-17591 A...