9 matches found
Peplink Balance routers SQLi
Firmware versions up to 7.0.0-build1904 of Peplink Balance routers are affected by an unauthenticated SQL injection vulnerability in the bauth cookie, successful exploitation of the vulnerability allows an attacker to retrieve the cookies of authenticated users, bypassing the web portal...
CVE-2017-8835
creationtimestamp| type| source ---|---|--- 2020-08-27 21:59:46+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/peplinkbauthsqli.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:00+00:00| seen|...
saitarnshop.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-957697 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting saitarnshop.com website and...
Multiple Vulnerabilities in peplink balance routers
Multiple Vulnerabilities in peplink balance routers =================================================== Overview -------- Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions: fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093.bin Vulnerable Firmware:...
Peplink Balance Routers 7.0.0-build1904 - SQL Injection Cross-Site Scripting Information Disclosure
Peplink Balance Routers 7.0.0-build1904 - SQL Injection Cross-Site Scripting Information Disclosure X41 D-Sec GmbH Security Advisory: X41-2017-005 Multiple Vulnerabilities in peplink balance routers =================================================== Overview -------- Confirmed Affected Versions:...
Peplink Balance Routers 7.0.0-build1904 - SQL Injection / Cross-Site Scripting / Information Disclosure
X41 D-Sec GmbH Security Advisory: X41-2017-005 Multiple Vulnerabilities in peplink balance routers =================================================== Overview -------- Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions:...
CVE-2017-8835
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a sessi...
CVE-2017-8835
CVE-2017-8835 describes an unauthenticated SQL injection in Peplink Balance routers (models 305, 380, 580, 710, 1350, 2500) that is triggered via the bauth cookie to the path cgi-bin/MANGA/admin.cgi. The underlying issue enables an attacker to observe session data and enumerate user accounts, as ...
Peplink 7.0.0-build1904 XSS / CSRF / SQL Injection / File Deletion
X41 D-Sec GmbH Security Advisory: X41-2017-005 Multiple Vulnerabilities in peplink balance routers =================================================== Overview -------- Confirmed Affected Versions: 7.0.0-build1904 Confirmed Patched Versions:...