18 matches found
EUVD-2016-8659
Malware in sbrugna...
CVE-2016-7811
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended operations via unspecified vectors...
CVE-2016-7810
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-7811
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors...
Design/Logic Flaw
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors...
CVE-2016-7810
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-7811
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors...
CVE-2016-7809
The CVE-2016-7809 entry concerns a CSRF vulnerability in Corega CG-WLR300NX firmware versions 1.20 and earlier. Affected product: CG-WLR300NX (wireless router). Vulnerable component: the firmware’s authentication handling allows an attacker to hijack a logged-in user’s session to perform unintend...
CVE-2016-7811
The CVE-2016-7811 entry concerns Corega CG-WLR300NX firmware (version 1.20 and earlier). The vulnerability allows an attacker on the same network segment to bypass access restrictions and perform arbitrary operations via unspecified vectors. Public sources (NVD/NVD mirrors, JVN/JVNDB) consistentl...
CVE-2016-7810
CVE-2016-7810 affects Corega CG-WLR300NX firmware up to v1.20. It is a Cross-site Scripting (CWE-79) vulnerability that allows an attacker with administrator rights to inject arbitrary web script/HTML via unspecified vectors, potentially causing script execution in the user’s browser. Affected pr...
CG-WLR300NX fails to restrict access permissions
Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CG-WLR300NX vulnerable to cross-site request forgery
Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site request forgery vulnerability CWE-352. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
JVN#25060672: Multiple Corega wireless LAN routers vulnerable to cross-site scripting
Multiple Corega wireless LAN routers contain a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Use CG-WLR300NX or CG-WFR600 CG-WLBARGMH and CG-WLBARGNL are no longer being supported, therefore fix for this vulnerability wil...
JVN#92237169: CG-WLR300NX vulnerable to cross-site scripting
CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Update to the latest version of firmware according to the information...
JVN#23823838: CG-WLR300NX vulnerable to cross-site request forgery
CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Firmware Update to the latest version of...
JVN#23549283: CG-WLR300NX fails to restrict access permissions
CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Impact An attacker who can access the product may perform an arbitrary operation in the product while an administrator logs in. Solution Update the Firmware Update to the latest version ...