67 matches found
EUVD-2019-7853
Malware in sbrugna...
EUVD-2014-8490
Malware in sbrugna...
EUVD-2019-7642
Malware in sbrugna...
CVE-2019-13025
Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST HTTP request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable mod...
CVE-2014-8656
The Compal Broadband Networks CBN CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of 1 admin for the admin account and 2 compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information...
CVE-2019-17224
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...
CVE-2019-17499
The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the TargetIP parameter...
DoppelPaymer ransomware group disrupted
Europol has announced it has arrested two suspected core members of the DoppelPaymer ransomware group. On 28 February, the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations FBI, apprehended...
Compal ConnectBox Remote Code Execution (CVE-2019-13025)
A remote code execution vulnerability exists in Compal ConnectBox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
Buffer overflow
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
CVE-2019-19494
CVE-2019-19494 describes a buffer overflow in Broadcom-based cable modems that enables remote code execution at the kernel level via JavaScript in a victim’s browser. Affected devices include Sagemcom F@st 3890 (before 50.10.21_T4; before 05.76.6.3f), Sagemcom F@st 3686 (3.428.0; 4.83.0), NETGEAR...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
Compal Broadband CH7465LG modem path traversal vulnerability
The Compal Broadband CH7465LG modem is a modem from Compal Computer Industries Compal of Taiwan, China. A path traversal vulnerability exists in the web interface of the Compal Broadband CH7465LG modem CH7465LG-NCIP-6.12.18.25-2p6-NOSH version, which arises from a failure of a networked system or...
CVE-2019-17224
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...
CVE-2019-17224
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...
Path traversal
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...
CVE-2019-17224
The CVE-2019-17224 entry concerns the web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH). A /%2f/ path traversal vulnerability could be exploited to probe for files outside the web root. Behavior observed in the description: if a file exists but is no...
CVE-2019-17224
The web interface of the Compal Broadband CH7465LG modem version CH7465LG-NCIP-6.12.18.25-2p6-NOSH is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of th...