SEIL Series routers vulnerable to denial-of-service (DoS)

Overview The PPP Access Concentrator PPPAC and the Dial-Up Networking in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to an issue in processing certain packets CWE-119. Note that this vulnerability is different from JVN21907573...

CVE-2014-7281

Cross-site request forgery CSRF vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot...

Huawei E5332 vulnerable to denial-of-service (DoS)

Overview Huawei E5332 contains a denial-of-service DoS vulnerability. Huawei E5332 provided by Huawei Technologies is a mobile router. Huawei E5332 contains an issue when processing a GET request that contains an extremely long parameter, which lead to the device rebooting. Shuto Imai of Chukyo...

Huawei Quidway Switches DoS (HWPSIRT-2014-0301)

The remote host is a Huawei Quidway switch running a firmware version that is affected by a denial of service vulnerability. The issue is due to a failure to properly validate input. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed packets to cause excessiv...

Huawei eSap Platform DoS (HWPSIRT-2014-0111)

The remote host is a Huawei device running a firmware version that is affected by a denial of service vulnerability. The issue stems from a heap overflow vulnerability in the firmware. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed packets to cause...

D-Link DI-704P Syslog.HTM Denial of Service Vulnerability

source: http://www.securityfocus.com/bid/7686/info D-Link DI-704P has been reported prone to a remote denial of service vulnerability. The issue presents itself in a D-Link web interface page. It has been reported that when excessive is data passed URI parameter in a request for the vulnerable...

IBM WebSphere DataPower XML Security Gateway 3.6.1 XS40 Remote Denial Of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33169/info IBM WebSphere DataPower XML Security Gateway XS40 is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input. Remote attackers can exploit this issue to cause the device...

CVE-2013-6922

Multiple cross-site request forgery CSRF vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that 1 add user accounts via a crafted request to admin/accesscontroluseradd.php; 2...

CVE-2013-7043

Multiple cross-site request forgery CSRF vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that 1 change a password via the Password parameter to goform/RgSecurity; 2...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that 1 change a password via the Password parameter to goform/RgSecurity; 2...

CVE-2013-5526

The CVE-2013-5526 issue affects Cisco Unified IP Phone 8900/9900 series (Cisco 9900 fourth‑gen phones). It stems from improper SDP negotiation in the phones’ SDP handling, allowing an unauthenticated remote attacker to trigger a device reboot (DoS) by sending crafted SDP packets. Exploitation rel...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that 1...

Huawei HG866 - Authentication Bypass

Huawei HG866 - Authentication Bypass Exploit Title: Huawei HG866 Authentication Bypass Date: Jun 14 2012 Exploit Author: hkm Vendor Homepage: http://www.huawei.com Version: V1R2C01SPC202, R3.2.4.92sbn - R3.4.2.257sbn, 3FE53864AOCB16 Tested on: HG866GTAVER.C, 01, 02 Advisory:...

Huawei HG866 Authentication Bypass

Exploit for hardware platform in category web applications Exploit Title: Huawei HG866 Authentication Bypass Date: Jun 14 2012 Exploit Author: hkm Vendor Homepage: http://www.huawei.com Version: V1R2C01SPC202, R3.2.4.92sbn - R3.4.2.257sbn, 3FE53864AOCB16 Tested on: HG866GTAVER.C, 01, 02 Advisory:...

Code injection

The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to cause a denial of service device reboot via a large number of requests in a short time interval...

CVE-2010-1544

The CVE-2010-1544 issue affects the micro_httpd component on the RCA DCM425 cable modem. A remote attacker can cause a denial-of-service reboot by sending a long string to TCP port 80. The available sources (NVD, Red Hat advisory, CVE records, and other catalogs) consistently describe this as a D...

CVE-2010-1544

microhttpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service device reboot via a long string to TCP port 80...

RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC)

!/usr/bin/python Title: RCA DCM425 Cable Modem microhttpd DoS/PoC Date: 02/27/10 Author: ad0nis [email protected] Info: This script causes a Denial of Service on a DCM425 cable modem. Sending 1040 bytes causes a reboot of the device after a few seconds of it freezing up. I believe this may le...

Huawei HG510 crossite request forgery

Crossite request forgery allows to reboot device...