11 matches found
EUVD-2020-16769
Malware in sbrugna...
CVE-2020-24033
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with...
susukino-fs.com Cross Site Scripting vulnerability OBB-2767974
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
opm-fs.com Cross Site Scripting vulnerability OBB-2519481
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
opm-fs.com Cross Site Scripting vulnerability OBB-2514198
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fs.com S3900-24T4S Cross-Site Request Forgery Vulnerability
The fs.com S3900-24T4S is a Gigabit stackable switch from China's Feixiang Innovation fs. fs S3900-24T4S switch is equipped with 24 10/100/1000Base-T ports, 4 10G SFP+ uplink ports, supports up to 6 switches stacking, and is easy to operate with highly secure service processing capability, flexib...
CVE-2020-24033
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with...
CVE-2020-24033
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with...
Authentication flaw
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with...
CVE-2020-24033
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with...
CVE-2020-24033
The CVE-2020-24033 issue affects fs.com S3900-24T4S switches (version 1.7.0 and earlier). The root cause is a lack of authentication or token-based protection for form actions, enabling remote attackers to forge requests on behalf of a site administrator and alter all settings, including deleting...