32 matches found
EUVD-2013-4881
Malware in sbrugna...
EUVD-2013-5058
Malware in sbrugna...
EUVD-2013-5060
Malware in sbrugna...
EUVD-2013-4880
Malware in sbrugna...
EUVD-2013-4879
Malware in sbrugna...
EUVD-2013-5059
Malware in sbrugna...
Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities
No description provided by source. +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st...
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session...
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
CVE-2013-5039
Cross-site request forgery CSRF vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter...
CVE-2013-5037
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...
CVE-2013-5218
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
Cross site scripting
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
Directory traversal
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. dot dot in a URI, as demonstrated by a request for /etc/passwd...
Authentication flaw
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session...
Design/Logic Flaw
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter...
Code injection
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
CVE-2013-5219
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. dot dot in a URI, as demonstrated by a request for /etc/passwd...
CVE-2013-5220
The HOTBOX router (SAGEMCOM F@st 3184) is affected in version 2.1.11 by CVE-2013-5220, with documented issues including CSRF, traversal and denial of service via crafted HTTP POST to goform/login. Public sources (1337DAY, related advisories) specify multiple vulnerabilities in 2.1.11 and indicate...