Motorola SURFBoard Cable Modem Directory Traversal

Exploit for hardware platform in category local exploits ================================================== Motorola SURFBoard Cable Modem Directory Traversal ================================================== Exploit Title: Motorola SURFBoard Cable Modem Directory Traversal Date: 2010.06.03...

Motorola Surfboard Cable Modem - Directory Traversal

Exploit Title: Motorola SURFBoard Cable Modem Directory Traversal Date: 2010.06.03 Author: S2 Crew Hungary Software Link: - Version: Model name: SBV6120E, Firmware Name: SBV6X2X-1.0.0.5-SCM-02-SHPC Tested on: ^ CVE: - Code : The following urls get back the /etc/passwd file from the modem:...

CVE-2010-2026

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...

CVE-2010-2082

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password aka SAPassword of W2402, which makes it easier for remote attackers to obtain privileged access...

CVE-2010-2026

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that 1 reset the modem, 2 erase the...

Authentication flaw

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...

CVE-2010-2082

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password aka SAPassword of W2402, which makes it easier for remote attackers to obtain privileged access...

CVE-2010-2026

The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...

CVE-2010-2082

The CVE-2010-2082 entry concerns the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem. Affected component: the web interface on firmware 2.0.2r1256-060303. Root cause: default administrator password (SAPassword) W2402 is known, enabling easier privileged access for remote attackers. Impact ...

CVE-2010-2026

The CVE-2010-2026 entry applies to Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modems. The web interface (firmware 2.0.2r1256-060303) is vulnerable to cross-site request forgery (CSRF) and insufficient authentication, allowing remote attackers to bypass authentication and reset the modem or ...

CVE-2010-2025

Cisco WebSTAR DPC2100R2 cable modem (firmware 2.0.2r1256-060303) is affected by CSRF and insufficient authentication in its web interface, enabling remote attackers to hijack administrator actions such as resetting the modem, erasing or changing firmware, and altering the admin password via reque...

Scientific Atlanta DPC2100 cable modems security vulnerabilities

Crossite request forgery. Authentication bypass...

Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities

=============================================================== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 =============================================================== ==Description== Scientific...

Scientific Atlanta DPC2100 Cable Modem Cross Site Request Forgery

=============================================================== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 =============================================================== ==Description== Scientific...

Code injection

microhttpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service device reboot via a long string to TCP port 80...

CVE-2010-1544

microhttpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service device reboot via a long string to TCP port 80...

CVE-2010-1544

The CVE-2010-1544 issue affects the micro_httpd component on the RCA DCM425 cable modem. A remote attacker can cause a denial-of-service reboot by sending a long string to TCP port 80. The available sources (NVD, Red Hat advisory, CVE records, and other catalogs) consistently describe this as a D...

Huawei EchoLife HG520c Denial Of Service

Exploit Title: Huawei EchoLife HG520c Denial of Service and Modem Reset Date: 2010-04-19 Author: hkm Product Link: http://www.huawei.com/mobileweb/en/products/view.do?id=660 Firmware Versions: 3.10.18.7-1.0.7.0 3.10.18.5-1.0.7.0 3.10.18.4 Software Versions: V100R001B120Telmex V100R001B121Telmex...

Huawei EchoLife HG520c - Modem Reset (Denial of Service)

Huawei EchoLife HG520c - Modem Reset Denial of Service Exploit Title: Huawei EchoLife HG520c Denial of Service and Modem Reset Date: 2010-04-19 Author: hkm Product Link: http://www.huawei.com/mobileweb/en/products/view.do?id=660 Firmware Versions: 3.10.18.7-1.0.7.0 3.10.18.5-1.0.7.0 3.10.18.4...