Lucene search
+L

10 matches found

NVD
NVD
added 2020/09/23 4:15 p.m.21 views

CVE-2020-5783

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...

5.8CVSS0.00362EPSS
Exploits1References1
OSV
OSV
added 2020/09/23 4:15 p.m.6 views

CVE-2020-5782

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...

6.5CVSS6.6AI score0.00987EPSS
Exploits1References1
OSV
OSV
added 2020/09/23 4:15 p.m.4 views

CVE-2020-5781

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...

4.3CVSS5.9AI score0.00902EPSS
Exploits1References1
Prion
Prion
added 2020/09/23 4:15 p.m.16 views

Cross site request forgery (csrf)

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...

5.8CVSS5.6AI score0.00362EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/23 4:15 p.m.20 views

Design/Logic Flaw

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...

6.8CVSS6.5AI score0.00987EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/09/23 4:15 p.m.12 views

Design/Logic Flaw

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...

4CVSS4.8AI score0.00902EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/23 3:33 p.m.24 views

CVE-2020-5781

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...

4.8AI score0.00902EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/09/23 3:33 p.m.26 views

CVE-2020-5782

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...

6.5AI score0.00987EPSS
Exploits1References1
CVE
CVE
added 2020/09/23 3:33 p.m.47 views

CVE-2020-5782

In IgniteNet HeliOS GLinq v2.2.1 r2961, a login action that sets the ‘wan_type’ parameter can render the WAN interface unreachable, causing a denial-of-service condition for devices relying on that connection. This is the core vulnerability described across multiple sources (NVD, Red Hat, PRION, ...

6.8CVSS6.5AI score0.00987EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/09/23 3:33 p.m.46 views

CVE-2020-5783

CVE-2020-5783 affects IgniteNet HeliOS GLinq v2.2.1 r2961. The connected documents provide concrete detail: the login functionality lacks CSRF protection, creating a CSRF risk for authenticated sessions. No explicit exploit details, affected components beyond the login mechanism, or remediation s...

5.8CVSS5.6AI score0.00362EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder