18 matches found
EUVD-2013-4879
Malware in sbrugna...
EUVD-2013-5060
Malware in sbrugna...
EUVD-2013-5058
Malware in sbrugna...
EUVD-2013-4881
Malware in sbrugna...
EUVD-2013-5059
Malware in sbrugna...
EUVD-2013-4880
Malware in sbrugna...
CVE-2013-5218
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
CVE-2013-5037
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
Cross site scripting
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
Design/Logic Flaw
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...
CVE-2013-5218
CVE-2013-5218 describes an XSS vulnerability in the HOTBOX router (SAGEMCOM F@st 3184) with software 2.1.11. The issue arises from improper handling of a crafted DHCP Host Name option during rendering of the DHCP table in wlanAccess.asp, allowing remote attackers to inject arbitrary web script or...
CVE-2013-5037
The CVE-2013-5037 entry concerns the HOTBOX router (SAGEMCOM HOTBOX F@st 3184) running software version 2.1.11, where a default WPS PIN of 12345670 enables easier access to the WPA/WPA2 PSK via EAP messages. The connected sources corroborate the affected device and version and describe the underl...
CVE-2013-5219
CVE-2013-5219 affects HOTBOX Router/Modem (SAGEMCOM F@st 3184, 2.1.11). A directory traversal vulnerability allows an attacker to read arbitrary files via a .. in a URI (e.g., /etc/passwd). Evidence from multiple sources confirms the vulnerable component is the web-facing URI handling, enabling r...
CVE-2013-5037
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...
CVE-2013-5039
The CVE-2013-5039 entry concerns the HOTBOX router (SAGEMCOM HOTBOX F@st 3184) with firmware 2.1.11. It describes a CSRF flaw in goform/wlanBasicSecurity that lets an attacker hijack administrator authentication to set WifiSecurity to Deactivated. Public material (e.g., exploit-db, packetstorm, 0...
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session...
CVE-2013-5038
CVE-2013-5038 affects HOTBOX router/modem (SAGEMCOM F@st 3184, software version 2.1.11; possibly earlier). The issue is an authentication bypass: an attacker can gain remote access by configuring a source IP address that had been used for an authenticated session. Public references in the connect...