Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-19330

Malware in sbrugna...

8.8CVSS8.8AI score0.01026EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-19328

Malware in sbrugna...

9.1CVSS9.3AI score0.02924EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-19329

Malware in sbrugna...

7.5CVSS7.8AI score0.01328EPSS
Exploits3References5
OSV
OSV
added 2019/04/11 7:29 p.m.5 views

CVE-2019-9976

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users...

8.8CVSS7.4AI score0.01026EPSS
Exploits2References1
NVD
NVD
added 2019/04/11 7:29 p.m.21 views

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

7.5CVSS7.8AI score0.01328EPSS
Exploits3References3
NVD
NVD
added 2019/04/11 7:29 p.m.17 views

CVE-2019-9976

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users...

8.8CVSS8.7AI score0.01026EPSS
Exploits2References1
OSV
OSV
added 2019/04/11 7:29 p.m.5 views

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

7.5CVSS7.1AI score0.01328EPSS
Exploits3References3
OSV
OSV
added 2019/04/11 7:29 p.m.5 views

CVE-2019-9974

diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...

9.1CVSS7.4AI score0.02924EPSS
Exploits3References3
Prion
Prion
added 2019/04/11 7:29 p.m.15 views

Hardcoded credentials

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

5CVSS7.7AI score0.01328EPSS
Exploits3References3Affected Software1
Prion
Prion
added 2019/04/11 7:29 p.m.11 views

Design/Logic Flaw

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users...

4CVSS8.6AI score0.01026EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2019/04/11 7:29 p.m.33 views

CVE-2019-9976

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users...

8.8CVSS7.2AI score0.01026EPSS
Exploits2References2
Prion
Prion
added 2019/04/11 7:29 p.m.15 views

Authorization

diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...

6.4CVSS9.2AI score0.02924EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2019/04/11 6:17 p.m.27 views

CVE-2019-9976

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users...

8.6AI score0.01026EPSS
Exploits2References1
CVE
CVE
added 2019/04/11 6:17 p.m.81 views

CVE-2019-9976

The CVE-2019-9976 entry documents a vulnerability in the Boa web server used on DASAN H660RM devices running firmware 1.03-0022 where POST data is logged to /tmp/boa-temp. This storage allows logged-in users to read the credentials of administration web interface users, causing a confidentiality ...

8.8CVSS8.5AI score0.01026EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2019/04/11 6:8 p.m.72 views

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 are affected by CVE-2019-9975 due to a hard-coded key used for logs encryption. This configuration allows data encrypted with that key to be decrypted by anyone who obtains the key. Connected sources (NVD/NVD-derived entries) confirm the vulnerable com...

7.5CVSS7.4AI score0.01328EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2019/04/11 6:8 p.m.25 views

CVE-2019-9975

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key...

7.5AI score0.01328EPSS
Exploits3References3
CVE
CVE
added 2019/04/11 6:1 p.m.70 views

CVE-2019-9974

CVE-2019-9974 affects DASAN H660RM GPON routers running firmware 1.03-0022. diag_tool.cgi lacks any authorization, enabling remote attackers to spawn ping processes via a GET request to enumerate LAN hosts or cause DoS by memory exhaustion. The lack of auth in diag_get_result.cgi also allows retr...

9.1CVSS9.2AI score0.02924EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2019/04/11 6:1 p.m.26 views

CVE-2019-9974

diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...

9.3AI score0.02924EPSS
Exploits3References3
0day.today
0day.today
added 2019/03/27 12:0 a.m.93 views

DASAN H660RM Information Disclosure / Hardcoded Key Vulnerability

DASAN H660RM allows for unauthenticated ping access, has a hardcoded key for encryption, and logs sensitive information into /tmp. DASAN H660RM Information Disclosure / Hardcoded Key CVE-2019-9974: diagtool.cgi on DASAN H660RM devices with firmware 1.03-0022 allows spawning ping processes without...

9.1CVSS8.1AI score0.02924EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/03/26 12:0 a.m.98 views

DASAN H660RM Information Disclosure / Hardcoded Key

Hi! CVE-2019-9974: diagtool.cgi on DASAN H660RM devices with firmware 1.03-0022 allows spawning ping processes without any authorization leading to information disclosure and DoS attacks Remote attacker could enumerate hosts on LAN interface sending requests to /cgi-bin/diagtool.cgi with ip...

8.2AI score0.02924EPSS
Exploits4
Rows per page
Query Builder