3800 matches found
[SECURITY] Fedora 27 Update: torbrowser-launcher-0.2.9-1.fc27
Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your lan guage and for your...
Aztech Modem Routers Information Disclosure Vulnerability
Aztech Modem Routers is an all-in-one modem and router product from the Aztech group of companies in Singapore. An information disclosure vulnerability exists in Aztech Modem Routers. The vulnerability can be exploited by an attacker to gain access to sensitive information, which can be used to...
Multiple Aztech Modem Router Products Session Hijacking Vulnerability
Aztech Modem Routers is an all-in-one modem and router product from the Aztech group of companies in Singapore. A session hijacking vulnerability exists in multiple Aztech Modem Routers products. An attacker could exploit this vulnerability to gain access to affected devices...
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak
Summary We introduce SDT-CS3B1 LTE router which is a SKT 3G and 4G LTE wireless communication based LTE router product. Description Insecure direct object references occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attacke...
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Vulnerability
Exploit for hardware platform in category web applications Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0...
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service Exploit
Exploit for hardware platform in category dos / poc !/usr/bin/env python Telesquare SKT LTE Router SDT-CS3B1 Remote Reboot Denial Of Service Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1...
Eir’s D1000 Modem Is Wide Open To Being Hacked.
Background The Eir D1000 Modem has bugs that allow an attacker to gain full control of the modem from the Internet. The modem could then be used to hack into internal computers on the network, as a proxy host to hack other computers or even as a bot in a botnet. A port scan of the the modem...
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model: PM-L300S Summary: We introduce SDT-CS3B1 LTE...
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem...
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1...
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model: PM-L300S Summary: We introduce SDT-CS3B1 LTE...
Telesquare SKT LTE Router SDT-CS3B1 WebDAV HTTP Methods Arbitrary File Events
Summary We introduce SDT-CS3B1 LTE router which is a SKT 3G and 4G LTE wireless communication based LTE router product. Description WebDAV is enabled with directory listing and dangerous HTTP methods allowed: PROPFIND, DELETE, MKCOL, PUT, MOVE, COPY, PROPPATCH, LOCK and UNLOCK. The HTTP PUT metho...
June 27, 2017—KB4022723 (OS Build 14393.1378)
June 27, 2017—KB4022723 OS Build 14393.1378 Improvements and Fixes This non-security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed an issue introduced by KB4022715where Internet Explorer and Microsoft Edg...
CVE-2014-8358
Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 23.015.02.07.1014 and before V200R003B015D02SP08C1014 23.015.02.08.1014 use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a...
Design/Logic Flaw
Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 23.015.02.07.1014 and before V200R003B015D02SP08C1014 23.015.02.08.1014 use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a...
CVE-2014-8358
Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 23.015.02.07.1014 and before V200R003B015D02SP08C1014 23.015.02.08.1014 use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a...
CVE-2014-8358
CVE-2014-8358 affects Huawei EC156/EC176/EC177 USB Modem firmware/software prior to UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014). The core issue is a weak Access Control List in the Mobile Partner directory that allows a low-privilege u...
CVE-2017-17463
Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and pskwepkey fields...
PHOENIX CONTACT FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: PHOENIX CONTACT Equipment: FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH Vulnerability: Cross-site Scripting AFFECTED PRODUCTS The following models running firmware versions prior to 1.99, 2.20, or 2.40 of FL...
ZyXEL PK5001Z Modem Authentication Bypass (CVE-2016-10401)
An Unauthorized Access Vulnerability exists in ZyXEL PK5001Z Modem. Successful exploitation of this vulnerability could allow a remote attacker to gain administrator level access on the affected device...