11 matches found
CVE-2013-6881
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...
Default credentials
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-6884
CVE-2013-6884 affects the CRU Ditto Forensic FieldStation write-blocker firmware up to 2013Oct15a. The issue is a default credential pair (username: ditto, password: ditto) that enables remote attackers to gain privileges. Public references (NVD entry and related advisories) confirm the vulnerabi...
CVE-2013-6884
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-6883
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...
CVE-2013-6882
Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...
CVE-2013-6882
Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...
CVE-2013-6883
CVE-2013-6883 describes a CSRF vulnerability in the CRU Ditto Forensic FieldStation, affecting firmware before 2013-Oct-15a. The issue allows remote attackers to hijack an administrator’s authentication to perform actions that modify the device’s disk-erase technique settings via unspecified vect...
CVE-2013-6883
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...