16 matches found
EUVD-2020-21353
Malware in sbrugna...
CVE-2020-28968
Draytek VigorAP 1000C contains a stored cross-site scripting XSS vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field...
The vulnerability of the RADIUS Setting module – RADIUS Server Configuration software for monitoring, managing, and configuring Draytek VigorAP access points – allows a attacker to carry out XSS attacks.
The vulnerability of the RADIUS Setting module – RADIUS Server Configuration software for monitoring, managing, and configuring Draytek VigorAP access points – is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious acto...
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in the lack of access control. This allows a malicious user to delete any files with root privileges.
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to delete any files with root privileges...
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper restrictions on path names to the restricted directory. This allows attackers to load arbitrary files with root privileges.
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper path name restrictions in the access-controlled directory. Exploiting this vulnerability allows an attacker to download...
CVE-2020-28968
Draytek VigorAP 1000C contains a stored cross-site scripting XSS vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field...
CVE-2020-28968
Draytek VigorAP 1000C contains a stored cross-site scripting XSS vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field...
Cross site scripting
Draytek VigorAP 1000C contains a stored cross-site scripting XSS vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field...
CVE-2020-28968
The CVE-2020-28968 entry applies to Draytek VigorAP 1000C. A stored XSS vulnerability exists in the RADIUS Setting – RADIUS Server Configuration module, allowing an attacker to execute arbitrary web scripts or HTML via a crafted payload in the username input field. The documents do not specify af...
CVE-2020-28968
Draytek VigorAP 1000C contains a stored cross-site scripting XSS vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field...
Draytek VigorAP 1000C 跨站脚本漏洞
DrayTek Corporation Draytek VigorAp is a wireless access point from DrayTek Corporation. The Draytek VigorAP 1000C suffers from a cross-site scripting vulnerability that stems from the software's lack of effective filtering and validation of user uploaded parameters in the RADIUS Settings - RADIU...
Draytek VigorAP Cross-Site Scripting Vulnerability
The Draytek VigorAP is an 11ac Wave 2 dual-band wireless mesh access point with port LAN switch. A cross-site scripting vulnerability exists in Draytek VigorAP. An attacker can exploit the vulnerability by injecting their own malicious script code using non-persistent attack vectors to disrupt...
Draytek VigorAP 1000C - Persistent Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Title: Draytek VigorAP 1000C - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-05-07 Vendor: https://www.draytek.com/ Software: https://www.draytek.com/products/vigorap-903/ Product & Service Introduction:...
Draytek VigorAP Cross Site Scripting
Document Title: =============== Draytek VigorAP - RADIUS Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2244 Release Date: ============= 2020-05-07 Vulnerability Laboratory ID VL-ID: ==================================== 224...
Draytek VigorAP 1000C - Persistent Cross-Site Scripting
Title: Draytek VigorAP 1000C - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-05-07 Vendor: https://www.draytek.com/ Software: https://www.draytek.com/products/vigorap-903/ CVE: N/A Document Title: =============== Draytek VigorAP - RADIUS Persistent XSS Vulnerability...
Draytek VigorAP - (RADIUS) Persistent XSS Vulnerability
Document Title: =============== Draytek VigorAP - RADIUS Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2244 Release Date: ============= 2020-05-06 Vulnerability Laboratory ID VL-ID: ==================================== 224...