22 matches found
EUVD-2019-8031
Malware in sbrugna...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
Server side request forgery (ssrf)
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
Cross site scripting
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18235
Affected: Advantech Spectre RT ERT351 firmware versions 5.1.3 and prior. Issue: CVE-2019-18235 is caused by insufficient login authentication parameters in the web application, potentially allowing a brute-force password attack to gain full access. Impact: high risk with CVSS v3.1 base score 9.8 ...
CVE-2019-18235
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack...
CVE-2019-18231
CVE-2019-18231 affects Advantech Spectre RT ERT351 firmware 5.1.3 and earlier, where login credentials are transmitted in clear text. The ICSA advisory confirms a cleartext transmission vulnerability with CVSS v3 base score 7.5 (Network, Low complexity, No privileges required, Confidentiality imp...
CVE-2019-18231
Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request...
CVE-2019-18233
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack...
CVE-2019-18233
CVE-2019-18233 affects Advantech Spectre RT Industrial Routers (ERT351) firmware 5.1.3 and earlier. Root cause: improper neutralization of input during web page generation, enabling reflected XSS via error responses. Impact per sources: potential script/HTML injection affecting users viewing erro...
Advantech Spectre RT ERT351 Brute Force Vulnerability
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. A security vulnerability exists in the Advantech Spectre RT ERT351 that allows a remote attacker to exploit the vulnerability by submitting a special request that can be brute-force broken to...
Advantech Spectre RT ERT351 Password Plaintext Transfer Vulnerability
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. The Advantech Spectre RT ERT351 suffers from a password cleartext transfer vulnerability that could be exploited by remote attackers to hijack communications and obtain sensitive information...
None Advantech Spectre RT ERT351 firmware 安全漏洞
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. A security vulnerability exists in the Advantech Spectre RT ERT351 that allows a remote attacker to exploit the vulnerability by submitting a special request that can be brute-force broken to...
Advantech Spectre RT ERT351 firmware 跨站脚本漏洞
The Advantech Spectre RT ERT351 is a router from Advantech USA providing network routing capabilities. The Advantech Spectre RT ERT351 error response handling suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or...
The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to authentication errors, allows a hacker to obtain the administrator’s password.
The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the lack of restrictions on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to brute-force the administrator password remotely...
The vulnerability of the microprogrammed network router Advantech BB-ERT351, related to the use of a unreliable cryptographic algorithm, allows a hacker to retrieve the administrator password from the hash.
The vulnerability of the microprogrammed network router Advantech BB-ERT351 is related to the use of a unreliable cryptographic algorithm for hashing passwords. Exploiting this vulnerability could allow an attacker, operating remotely, to retrieve the administrator’s password from the hash...
The vulnerability of the web interface of the microprogramming software for the Advantech BB-ERT351 network router allows a hacker to disclose passwords of network services.
The vulnerability of the web interface of the Advantech BB-ERT351 network router lies in the absence of a mechanism for masking passwords when they are displayed in the web interface. Exploiting this vulnerability can allow an attacker to disclose passwords from network services such as PPTP and...