3777 matches found
CVE-2017-14243
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi,...
UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass
UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass Exploit Title: UTStar WA3002G4 ADSL Broadband Modem Authentication Bypass Vulnerability CVE: CVE-2017-14243 Date: 15-09-2017 Exploit Author: Gem George Author Contact: https://www.linkedin.com/in/gemgrge Vulnerable Product: UTStar...
UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass
Exploit Title: UTStar WA3002G4 ADSL Broadband Modem Authentication Bypass Vulnerability CVE: CVE-2017-14243 Date: 15-09-2017 Exploit Author: Gem George Author Contact: https://www.linkedin.com/in/gemgrge Vulnerable Product: UTStar WA3002G4 ADSL Broadband Modem Firmware version: WA3002G4-0021.01...
Cisco IOS XE Software Arbitrary File Overwrite Vulnerability
Cisco ASR 920 Series Aggregation Services Routers are Cisco's ASR 920 series of multifunction routers.Cisco IOS XE Software is one of the operating systems dedicated to network devices. A security vulnerability exists in the USB-modem code of the IOS XE Software in the Cisco ASR 920 Series...
Cisco IOS XE Software Command Execution Vulnerability
Cisco ASR 920 Series Aggregation Services Routers are Cisco's ASR 920 series of multifunction routers.Cisco IOS XE Software is one of the operating systems dedicated to network devices. An arbitrary command execution vulnerability exists in the USB-modem code of the IOS XE Software in the Cisco A...
Technicolor TC7200 Modem/Router Detection (SNMP)
SNMP based detection of a Technicolor TC7200 Modem/Router. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-6796
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to...
Input validation
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to...
CVE-2017-6795
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...
Input validation
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...
CVE-2017-6796
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to...
CVE-2017-6795
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...
CVE-2017-6796
CVE-2017-6796 affects Cisco IOS XE Software on Cisco ASR 920 Series Routers. The vulnerability resides in the USB-modem code and stems from improper input validation of the platform usb modem command in the CLI, enabling an authenticated, local attacker to inject and execute arbitrary commands on...
CVE-2017-6795
Cisco IOS XE Software on Cisco ASR 920 Series Routers is affected by CVE-2017-6795 due to improper input validation in the USB-modem code (platform usb modem CLI command). A local, authenticated attacker could exploit this to overwrite arbitrary files on the device’s underlying operating system. ...
Cisco IOS XE Software for Cisco ASR 920 Series Routers Arbitrary Command Execution Vulnerability
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to...
Cisco IOS XE Software for Cisco ASR 920 Series Routers Arbitrary File Overwrite Vulnerability
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...
ZTE ADSL ZXV10 W300 Information Disclosure Vulnerability (CNVD-2017-28178)
The ZTE ADSL ZXV10 W300 is an ADSL modem Modem product from China's ZTE Corporation ZTE. A security vulnerability exists in the ZTE ADSL ZXV10 W300 W300V2.1.0fER7PEO57 version and W300V2.1.0hER7PEO57 version. A remote attacker can exploit the vulnerability to obtain user passwords...
ZTE ADSL ZXV10 W300 Password Interception Vulnerability
The ZTE ADSL ZXV10 W300 is an ADSL modem Modem product from China's ZTE Corporation ZTE. A security vulnerability exists in the ZTE ADSL ZXV10 W300 W300V2.1.0fER7PEO57 version and W300V2.1.0hER7PEO57 version. A remote attacker can exploit this vulnerability to change the administrator password by...
ZTE ADSL ZXV10 W300 Information Disclosure Vulnerability
The ZTE ADSL ZXV10 W300 is an ADSL modem Modem product from China's ZTE Corporation ZTE. A security vulnerability exists in ZTE ADSL ZXV10 W300 W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57. A remote attacker can exploit the vulnerability by logging into the target account with the help of arbitrar...
Code injection
ZTE ADSL ZXV10 W300 modems W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection...