CVE-2020-7249

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...

EUVD-2020-28376

Malware in sbrugna...

CVE-2020-8087

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the...

SMC Networks Arbitrary Command Execution Vulnerability

The SMC Networks D3G0804W is an SMC network device. A security vulnerability exists in the SMC Networks D3G0804W Network Diagnostic Tool, which can be exploited by a remote attacker to submit a specially crafted request to execute arbitrary commands...

CVE-2020-8087

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the...

CVE-2020-8087

SMC Networks D3G0804W D3GNV5M-3.5.1.6.10GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the...

CVE-2020-8087

Summary: CVE-2020-8087 affects SMC Networks D3G0804W family devices (D3GNV5M-3.5.1.6.10 GA) where the Network Diagnostic Tools screen can be abused to execute commands remotely. The root cause is a parameter pollution flaw in goform/formSetDiagnosticToolsFmPing: the attacker supplies vlu_diagnost...

SMC Networks SMC D3G0804W Cross-Site Scripting Vulnerability

The SMC Networks SMC D3G0804W is a wireless router from SMC Networks USA. A cross-site scripting vulnerability exists in SMC Networks SMC D3G0804W version 3.5.2.5-LATGA. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the...

CVE-2020-7249

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...

CVE-2020-7249

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...

Code injection

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...

CVE-2020-7249

The CVE-2020-7249 entry describes an XSS vulnerability in SMC Networks SMC D3G0804W devices (version 3.5.2.5-LAT_GA). The issue enables stored or reflected XSS via the SSID field on the WiFi Network Configuration page after an admin login. Root cause is improper validation/handling of SSID data i...

CVE-2020-7249

SMC D3G0804W 3.5.2.5-LATGA devices allow XSS via the SSID field on the WiFi Network Configuration page after a successful login to the admin account...