7 matches found
EUVD-2019-7780
Malware in sbrugna...
CVE-2021-27990
Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities...
CVE-2019-17373
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2...
Improper Access Control
Description The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. Proof of Concept Unauthorized actors can access critical pages directly. - InstallDatabase.php - diagnostic.php...
CVE-2019-17373
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2...
CVE-2019-17373
CVE-2019-17373 affects several NETGEAR devices (MBR1515/1516, DGN2200/2200M, DGND3700, WNR2000v2, WNDR3300/3400, WNR3500, WNR834Bv2). The issue is an unauthenticated access vulnerability that lets an attacker reach critical .cgi and .htm pages by manipulating a URL with a substring ending in .jpg...
CVE-2019-17373
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2...