24 matches found
EUVD-2013-3003
Malware in sbrugna...
EUVD-2013-3002
Malware in sbrugna...
EUVD-2013-4513
Malware in sbrugna...
EUVD-2013-3004
Malware in sbrugna...
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share...
Weak Password Vulnerability in Belkin's EA6500
The EA6500 is a router product from Belkin. A weak password vulnerability exists in the Belkin EA6500, which can be exploited by an attacker to log into the system backend and perform unauthorized operations...
Belkin Linksys EA6500 Path Traversal Vulnerability
The Belkin Linksys EA6500 is a wireless router from Belkin USA. A path traversal vulnerability exists in the Linksys EA6500, which arises from a failure of a network system or product to properly filter special elements in the path of a resource or file, and can be exploited by an attacker to gai...
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share...
Cross site scripting
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share...
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share...
CVE-2013-4658
CVE-2013-4658 concerns the Linksys EA6500 router, where a SMB Symlink Traversal allows symbolic links to be created to locations outside the Samba share. The vulnerability is documented with the CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, yielding a base score of 9.8 (CRITICAL). It is ...
CVE-2014-8244
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remot...
CVE-2013-3066
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information clients and router configuration via a request to /JNAP/...
CVE-2013-3065
Cross-site scripting XSS vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section...
CVE-2013-3064
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter...
Design/Logic Flaw
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information clients and router configuration via a request to /JNAP/...
Cross site scripting
Cross-site scripting XSS vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section...
Open redirect
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter...
CVE-2013-3065
Cross-site scripting XSS vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section...
CVE-2013-3064
CVE-2013-3064 describes an open redirect vulnerability in the Linksys EA6500 web UI, specifically in the page UI/dynamic/unsecured.html. With firmware 1.1.28.147876, remote attackers can trick users into visiting arbitrary sites by supplying the malicious URL in the target parameter, enabling phi...