15 matches found
EUVD-2018-9609
Malware in sbrugna...
EUVD-2018-9610
Malware in sbrugna...
EUVD-2018-9611
Malware in sbrugna...
Cross site request forgery (csrf)
DASAN H660GW devices do not implement any CSRF protection mechanism...
CVE-2018-17867
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/advnatvirsvr.asp Addr parameter aka the Local IP Address field...
Cross site scripting
DASAN H660GW devices have Stored XSS in the Port Forwarding functionality...
CVE-2018-17869
DASAN H660GW devices do not implement any CSRF protection mechanism...
CVE-2018-17868
DASAN H660GW devices have Stored XSS in the Port Forwarding functionality...
Design/Logic Flaw
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/advnatvirsvr.asp Addr parameter aka the Local IP Address field...
CVE-2018-17868
DASAN H660GW devices have Stored XSS in the Port Forwarding functionality...
CVE-2018-17869
CVE-2018-17869 affects DASAN H660GW devices, where the underlying cause is lack of CSRF protection. The entry notes no CSRF protection mechanism is implemented. NVD lists CVSS v2 base 6.8 (NETWORK, MEDIUM) and CVSS v3 base 8.8 (NETWORK, HIGH) with user interaction required. No exploitation detail...
CVE-2018-17867
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/advnatvirsvr.asp Addr parameter aka the Local IP Address field...
CVE-2018-17868
CVE-2018-17868 affects DASAN H660GW devices with a Stored XSS vulnerability in the Port Forwarding functionality. According to the connected records, the issue is a stored cross-site scripting flaw in the router’s web interface, enabling injection of malicious scripts via Port Forwarding settings...
CVE-2018-17869
DASAN H660GW devices do not implement any CSRF protection mechanism...
CVE-2018-17867
The CVE-2018-17867 entry concerns DASAN H660GW devices, where the Port Forwarding functionality can be abused by remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr (Local IP Address) parameter. NVD data indicates a high-severity impact with ...