Lucene search
K

8 matches found

CNVD
CNVD
added 2019/06/19 12:0 a.m.2 views

Securifi Almond Buffer Overflow Vulnerability

The Securifi Almond is a wireless router with a touch screen. A buffer overflow vulnerability exists in routerSummary in Securifi Almond, Almond+, and Almond 2015 using firmware version AL-R096, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

6.4CVSS7.4AI score0.02011EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/19 12:0 a.m.3 views

Securifi Almond Command Injection Vulnerability (CNVD-2019-18745)

The Securifi Almond is a wireless router with a touch screen. A command injection vulnerability exists in the port forwarding feature in Securifi Almond, Almond+, and Almond 2015 using firmware version AL-R096, which can be exploited by an attacker to submit a malicious payload and take control o...

8.8CVSS7.7AI score0.06981EPSS
Exploits1References1
CVE
CVE
added 2019/06/18 8:18 p.m.103 views

CVE-2017-8334

CVE-2017-8334 affects Securifi Almond, Almond+, and Almond 2015 devices running firmware AL-R096. The vulnerability stems from failing to implement protection against cross-site scripting forgery in the web management interface, enabling an attacker to lure a logged-in admin/user into executing a...

8CVSS7.5AI score0.00928EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/06/18 8:15 p.m.19 views

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set ...

8.8CVSS9.1AI score0.06981EPSS
Exploits1References3
CVE
CVE
added 2019/06/18 7:50 p.m.64 views

CVE-2017-8329

Securifi Almond/Almond+ (2015) devices with firmware AL-R096 are affected. A POST parameter mssid_1 in the webServer’s routerSummary flow lacks string length checks, allowing an attacker to send a large payload that overflows a stack/buffer (via the goahead binary on MIPS Little Endian), potentia...

6.4CVSS6.3AI score0.02011EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2019/06/18 7:15 p.m.13 views

Design/Logic Flaw

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way...

6.5CVSS8.7AI score0.0269EPSS
Exploits1References3Affected Software3
CVE
CVE
added 2019/06/18 6:27 p.m.67 views

CVE-2017-8335

The CVE-2017-8335 issue affects Securifi Almond, Almond+, and Almond 2015 devices running firmware AL-R096. A stack/return-address overflow arises in the handling of the mssid_1 POST parameter when setting the wireless network name, via the getCfgToHTML path in the vulnerable goahead binary (MIPS...

8CVSS7.7AI score0.02077EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/06/18 6:22 p.m.72 views

CVE-2017-8336

The CVE-2017-8336 issue affects Securifi Almond, Almond+, and Almond 2015 devices running AL-R096. A vulnerable function in the goahead binary (MIPS little endian) processes POST parameters for creating routes; specifically, the POST parameter “gateway” can overflow the stack and allow an attacke...

8.8CVSS8.7AI score0.0269EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder