24 matches found
EUVD-2020-26767
Malware in sbrugna...
EUVD-2020-26766
Malware in sbrugna...
CVE-2020-5606
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
CVE-2020-5605
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors...
CVE-2020-5605
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors...
CVE-2020-5606
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
CVE-2020-5605
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors...
CVE-2020-5606
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
Cross site scripting
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
Directory traversal
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors...
CVE-2020-5605
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors...
CVE-2020-5606
Buffalo WHR-G54S firmware 1.43 and earlier is affected by CVE-2020-5606: a Cross-site Scripting vulnerability that allows remote attackers to inject arbitrary scripts via a specially crafted page. The vulnerability affects the device’s web interface, and is tied to firmware versions 1.43 and earl...
CVE-2020-5605
CVE-2020-5605 affects Buffalo AirStation WHR-G54S firmware 1.43 and earlier. The vulnerability is a directory traversal that may let an attacker access sensitive information such as setting values via unspecified vectors. Documented impact includes exposure of configuration data when an authentic...
CVE-2020-5606
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
Multiple vulnerabilities in Buffalo AirStation WHR-G54S
Overview Buffalo AirStation WHR-G54S contains multiple vulnerabilities listed below. Directory Traversal - CVE-2020-5605 Cross-site Scripting - CVE-2020-5606 RyotaK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
Buffalo WHR-G54S Cross-Site Scripting Vulnerability
Buffalo WHR-G54S firmware WHR-G54S firmware,WHR-G54S firmware is a driver for Buffalo Miroku WHR-G54S wireless router from Buffalo, Japan. A cross-site scripting vulnerability exists in WHR-G54S version 1.43 and earlier versions, which can be exploited by remote attackers to inject arbitrary...
Buffalo WHR-G54S Path Traversal Vulnerability
Buffalo WHR-G54S firmware WHR-G54S firmware,WHR-G54S firmware is a driver for Buffalo Miroku WHR-G54S wireless router from Buffalo, Japan. A path traversal vulnerability exists in WHR-G54S version 1.43 and earlier versions, which arises from a failure of a network system or product to properly...
JVN#09166495: Multiple vulnerabilities in Buffalo AirStation WHR-G54S
Buffalo AirStation WHR-G54S contains multiple vulnerabilities listed below. Directory Traversal - CVE-2020-5605 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N| Base Score: 4.1 CVSS v2| AV:A/AC:L/Au:S/C:P/I:N/A:N| Base Score: 2.7 Cross-site Scripting -...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...
CVE-2007-4822
Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...