Lucene search
K

6 matches found

Openbugbounty
Openbugbounty
added 2023/06/10 11:56 a.m.15 views

zahnarztpraxis-noe-eberl.de Cross Site Scripting vulnerability OBB-3406563

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/07 12:0 a.m.85 views

ASUS WRT Session Hijacking Nmap NSE Script

local http = require "http" local shortport = require "shortport" local stdnse = require "stdnse" local string = require "string" local vulns = require "vulns" local nmap = require "nmap" description = ASUSWRT is a wireless router operating system that powers many routers produced by ASUS. Sessio...

9.3CVSS0.3AI score0.07552EPSS
Exploits6
seebug.org
seebug.org
added 2017/03/10 12:0 a.m.125 views

ASUSWRT - Multiple Vulnerabilities

ASUSWRT is a wireless router operating system that powers many routers produced by ASUS. Multiple exploitable vulnerabilities could be identified in the current version of ASUSWRT. Published: 08 Mar 2017 Affected routers: - RT-AC53 3.0.0.4.380.6038 ---------- Cross-Site Scripting XSS Component:...

10CVSS8.8AI score0.21342EPSS
Exploits13
CVE
CVE
added 2017/03/09 9:26 a.m.94 views

CVE-2017-6549

CVE-2017-6549 is a session hijack vulnerability in the httpd component of ASUSWRT firmware on multiple ASUS routers (e.g., RT-N56U/RT-N66U/RT-AC66U/RT-AC68U family, RT-AC53U, RT-N12, RT-AC5300, RT-N600, and Asuswrt-Merlin variants) with firmware older than the specified versions (pre 3.0.0.4.380....

9.3CVSS8.5AI score0.07552EPSS
Exploits6References4Affected Software1
exploitpack
exploitpack
added 2017/03/08 12:0 a.m.35 views

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing

ASUSWRT RT-AC53 3.0.0.4.380.6038 - Session Stealing Session Stealing Component: httpd CVE: CVE-2017-6549 Vulnerability: httpd uses the function searchtokeninlist to validate if a user is logged into the admin interface by checking his asustoken value. There seems to be a branch which could be a...

9.3CVSS8.9AI score0.07552EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/03/08 12:0 a.m.52 views

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing

Session Stealing Component: httpd CVE: CVE-2017-6549 Vulnerability: httpd uses the function searchtokeninlist to validate if a user is logged into the admin interface by checking his asustoken value. There seems to be a branch which could be a failed attempt to build in a logout functionality...

9.3CVSS8.8AI score0.07552EPSS
Exploits6
Rows per page
Query Builder