3 matches found
Virtual Access GW6110A路由器权限提升漏洞
CVE ID:CVE-2014-0343 Virtual Access GW6110A是路由器产品系列。 Virtual Access GW6110A路由器在实现上存在权限提升漏洞,可使经过身份验证的远程攻击者通过修改javascript变量,更改在Web接口上的用户访问级别,利用此漏洞提升其权限。 0 virtualaccess GW6000-adsl2-router 9.50.21 virtualaccess GW6000-adsl2-router 9.09.27 virtualaccess GW6000-adsl2-router 10.00.21 virtualaccess...
CVE-2014-0343
The CVE concerns Virtual Access GW6110A routers. Affected software versions are 9.00–before 9.09.27, 9.50–before 9.50.21, and 10.00–before 10.00.21. The vulnerability allows an authenticated remote user to escalate privileges by modifying a JavaScript variable that checks user access level on the...
Virtual Access GW6110A router privilege escalation vulnerability
Overview Virtual Access GW6110A routers contain a privilege escalation vulnerability which could allow an authenticated user to escalate their privileges. Description CWE-472: External Control of Assumed-Immutable Web ParameterVirtual Access GW6110A routers contain a privilege escalation...