29 matches found
EUVD-2016-7473
Malware in sbrugna...
EUVD-2017-18889
Malware in sbrugna...
EUVD-2017-18840
Malware in sbrugna...
EUVD-2017-18841
Malware in sbrugna...
CVE-2016-6552
Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device...
Default credentials
Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device...
CVE-2016-6552
CVE-2016-6552 affects Green Packet DX-350, which uses non-random default credentials (root:wimax). A remote attacker on the network can gain privileged access, with a critical CVSSv3 base score (9.8) and full impact on confidentiality, integrity, and availability. The documents corroborate a cred...
CVE-2016-6552 Green Packet DX-350 uses default credentials
Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device...
Unspecified Vulnerability in Green Packet DX-350
The Green Packet DX-350 is a network access point device from Green Packet USA. A security vulnerability exists in the Green Packet DX-350 using firmware version 2.8.9.5-g1.4.8-atheeb, which stems from the administrator account having a default password. No details of the vulnerability are provid...
Green Packet DX-350 Injection Command Vulnerability
The Green Packet DX-350 is a network access point device from Green Packet USA. A security vulnerability exists in the PING function of the web interface in the Green Packet DX-350. The vulnerability can be exploited by an attacker to inject commands with the help of the 'pip' parameter...
Green Packet DX-350 Cross-Site Request Forgery Vulnerability
The Green Packet DX-350 is a network access point device from Green Packet USA. A cross-site request forgery vulnerability exists in the Green Packet DX-350 using firmware version 2.8.9.5-g1.4.8-atheeb. A remote attacker can exploit this vulnerability by sending a request to the ajax.cgi file to...
CVE-2017-9980
In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" aka tagipPing feature within the web interface allows performing command injection, via the "pip" parameter...
CVE-2017-9932
Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account...
Cross site scripting
Cross-Site Scripting XSS exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi...
CVE-2017-9930
Cross-Site Request Forgery CSRF exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP...
CVE-2017-9980
In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" aka tagipPing feature within the web interface allows performing command injection, via the "pip" parameter...
CVE-2017-9930
Cross-Site Request Forgery CSRF exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP...
CVE-2017-9931
Cross-Site Scripting XSS exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi...
CVE-2017-9932
Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account...
Default credentials
Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account...