19 matches found
EUVD-2019-6605
Malware in sbrugna...
EUVD-2019-6606
Malware in sbrugna...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
CVE-2019-15653
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real...
Unspecified Vulnerability in Comba Telecom AP2600-I (CNVD-2020-22256)
Comba Telecom AP2600-I is a wireless access point device from Comba Telecom India. A security vulnerability exists in Comba Telecom AP2600-I devices A02,0202N00PD2 and earlier versions, which can be exploited by remote attackers with the help of a specially crafted request to obtain sensitive...
Unspecified Vulnerability in Comba Telecom AP2600-I
Comba Telecom AP2600-I is a wireless access point device from Comba Telecom India. A security vulnerability exists in the upcfgAction.php file in Comba Telecom AP2600-I devices A02,0202N00PD2 and earlier versions, which can be exploited by a remote attacker with the help of a specially crafted...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
CVE-2019-15653
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real...
Design/Logic Flaw
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
Design/Logic Flaw
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real...
CVE-2019-15654
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login...
CVE-2019-15654
CVE-2019-15654 affects Comba AC2400 devices. A crafted unauthenticated request to the web API endpoint "/09/business/upgrade/upcfgAction.php?download=true" can disclose the DBconfig.cfg, with the login information stored in cleartext at the end of the file. This is triggered by the web management...
CVE-2019-15653
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real...
CVE-2019-15653
The CVE-2019-15653 entry affects Comba AP2600-I devices (through A02,0202N00PD2). The root issue is an insecure authentication mechanism that exposes credentials via the login page’s HTML source, where usernames and passwords are derivable; specifically, usernames/passwords are the double MD5 of ...
PT-2020-9752 · Comba · Comba Ac2400
Name of the Vulnerable Software and Affected Versions: Comba AC2400 devices affected versions not specified Description: The issue allows for password disclosure through a crafted request to the "/09/business/upgrade/upcfgAction.php?download=true" API endpoint. This request does not require...
Comba Telecom Router Authentication Bypass
An information disclosure vulnerability exists in Comba Routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecu...
Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecu...
Vulnerabilities in D-Link, Comba Routers Can Leak Credentials
Researchers have discovered vulnerabilities in D-Link and Comba Telecom routers that can leak passwords for the devices and have the potential to affect every user on networks that use them for access. Trustwave SpiderLabs Security Researcher Simon Kenin discovered the vulnerabilities—two in a...