19 matches found
EUVD-2015-5931
Malware in sbrugna...
EUVD-2015-5933
Malware in sbrugna...
EUVD-2015-5930
Malware in sbrugna...
EUVD-2015-5932
Malware in sbrugna...
CVE-2015-5990
Cross-site request forgery CSRF vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2015-5989
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and LoginSuccess values...
CVE-2015-5988
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
CVE-2015-5987
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value...
Input validation
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value...
Session fixation
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users...
Authorization
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and LoginSuccess values...
CVE-2015-5988
Affected product/variant: Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2, with firmware version 2.10.17. Vulnerability: Blank password on the web management interface allows a LAN attacker to obtain administrative privileges. Impact (as documented): LAN-based attacker can gain priv...
CVE-2015-5988
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
CVE-2015-5987
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value...
CVE-2015-5990
Belkin N600 DB Wireless Dual Band N+ router (model F9K1102 v2) with firmware 2.10.17 is vulnerable to a CSRF flaw (CVE-2015-5990) that can allow an attacker to hijack the user’s authenticated session. The CERT/CC entry attributes multiple issues to this device family, with CVE-2015-5990 specifica...
CVE-2015-5987
Belkin N600 DB Wireless Dual Band router (model F9K1102 v2) with firmware 2.10.17 is affected by CVE-2015-5987 (DNS TXID predictable) which enables remote DNS spoofing to guide the device to attacker-controlled hosts. CERT’s VU#201168 notes that DNS queries from the Belkin N600 can have predictab...
CVE-2015-5989
Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2, with firmware 2.10.17 (and earlier) is affected by CVE-2015-5989. The vulnerability arises from client-side authentication, where an attacker can intercept embedded server messages containing the strings "LockStatus": "1" and "Login_S...
CVE-2015-5990
Cross-site request forgery CSRF vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users...