36 matches found
EUVD-2018-5058
Malware in sbrugna...
EUVD-2018-19350
Malware in sbrugna...
EUVD-2018-19351
Malware in sbrugna...
EUVD-2018-19352
Malware in sbrugna...
ADB Epicentro Buffer Overflow Vulnerability (CNVD-2018-20873 )
ADB Epicentro is a set of firmware used in ADB gateway and router devices from ADB Switzerland. httpd is one of the HTTP servers. A buffer overflow vulnerability exists in httpd in ADB Epicentro version E7.3.2+. A remote attacker could exploit this vulnerability to execute code with the help of a...
ADB Epicentro Buffer Overflow Vulnerability
ADB Epicentro is a set of firmware used in ADB gateway and router devices from ADB Switzerland. httpd is one of the HTTP servers. A buffer overflow vulnerability exists in httpd in ADB Epicentro version E7.3.2+. A remote attacker could exploit this vulnerability to cause a denial of service with ...
ADB Epicentro Code Injection Vulnerability
ADB Epicentro is a set of firmware used in ADB gateway and router devices from ADB Switzerland. A code injection vulnerability exists in the 'form Language' parameter of the /ui/login page in ADB Epicentro version E7.3.2+, which can be exploited to execute JavaScript code by tricking a user into...
CVE-2018-7633
Code injection in the /ui/login form Language parameter in Epicentro E7.3.2+ allows attackers to execute JavaScript code by making a user issue a manipulated POST request...
CVE-2018-7631
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication...
CVE-2018-7632
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL...
Buffer overflow
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL...
Code injection
Code injection in the /ui/login form Language parameter in Epicentro E7.3.2+ allows attackers to execute JavaScript code by making a user issue a manipulated POST request...
Buffer overflow
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication...
CVE-2018-7633
Code injection in the /ui/login form Language parameter in Epicentro E7.3.2+ allows attackers to execute JavaScript code by making a user issue a manipulated POST request...
CVE-2018-7631
CVE-2018-7631 involves a buffer overflow in the httpd component of EpiCentro firmware (E_7.3.2+) that allows remote code execution via a specially crafted GET request lacking a leading '/' and without authentication. Multiple connected sources corroborate the issue, describing an RCE risk tied to...
CVE-2018-7632
CVE-2018-7632 concerns the httpd component of EpiCentro firmware (E_7.3.2+). The vulnerability is a buffer overflow triggered by a remote attacker sending a specially crafted GET request whose URL begins with a leading â/â. The consequence documented is a denial of service. Exploitation details, ...
CVE-2018-7633
The CVE-2018-7633 entry concerns Epicentro firmware (E_7.3.2+) where the /ui/login form Language parameter is vulnerable to code injection. The issue allows an attacker to cause JavaScript execution by directing a user to submit a tampered POST request, indicating an input handling flaw in the lo...
CVE-2018-7631
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication...
CVE-2018-7632
Buffer Overflow in httpd in EpiCentro E7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL...
CVE-2018-13108
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP e.g., VoIP credentials or attack th...