Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability

A vulnerability in the web-based administration interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA could allow an unauthenticated, remote attacker to cause the device to become unresponsive and restart, creating a denial of service DoS condition. The...

Design/Logic Flaw

Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCuv03958...

CVE-2015-6428

Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCuv03958...

CVE-2015-6428

The CVE-2015-6428 issue affects Cisco DPQ3925 Wireless Residential Gateway devices with EDVA r1 Base. The root cause is insufficient input validation in the device’s HTTP server, enabling an unauthenticated, remote attacker to disclose sensitive information via a crafted HTTP request. Impact: inf...

Cisco DPQ3925 devices with EDVA cross-site request forgery vulnerability

The Cisco DPQ3925 devices is a wireless router device from Cisco USA. A cross-site request forgery vulnerability exists in Cisco DPQ3925 devices with EDVA 5.5.2. It allows remote attackers to hijack the authentication of arbitrary user identities...

Cisco EPC3928 devices with EDVA security mechanism bypass vulnerability

The Cisco EPC3928 devices is a wireless router product from Cisco USA. A security mechanism bypass vulnerability exists in Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11,5.7.1. Allows remote attackers to pass expected authentication requirements and perform unspecified administrative functions vi...

CVE-2015-6378

Cross-site request forgery CSRF vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943...

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943...

CVE-2015-6378

The CVE-2015-6378 entry corresponds to a CSRF vulnerability in Cisco DPQ3925 devices with EDVA 5.5.2. The root cause is insufficient CSRF protections in the device web interface, enabling a remote attacker to hijack the authentication of arbitrary users by enticing them to visit a malicious link,...

CVE-2015-6401

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11 and 5.7.1 are affected by CVE-2015-6401, where an unauthenticated remote attacker can bypass the intended web authentication and execute unspecified administrative functions via a crafted HTTP request (Bug CSCux24941). Public references include Cisco...

CVE-2015-6378

Cross-site request forgery CSRF vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943...

CVE-2015-6401

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941...

CVE-2015-6402

CVE-2015-6402 is a cross-site scripting (XSS) vulnerability in the management interface of the Cisco EPC3928 Wireless Residential Gateway (EDVA 5.5.10, 5.5.11, 5.7.1). The issue allows remote attackers to inject arbitrary web script or HTML via an unspecified value. Cisco advises that no software...

Cisco Addresses Wireless Residential Gateway Vulnerability

Cisco has released an advisory to address a vulnerability in the web server used in multiple Wireless Residential Gateway products that could allow an unauthenticated, remote attacker to crash the web server and execute arbitrary code with elevated privileges. Cisco products affected by this...