16 matches found
EUVD-2013-4879
Malware in sbrugna...
EUVD-2013-5058
Malware in sbrugna...
EUVD-2013-4880
Malware in sbrugna...
EUVD-2013-4881
Malware in sbrugna...
EUVD-2013-5059
Malware in sbrugna...
CVE-2013-5039
Cross-site request forgery CSRF vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter...
CVE-2013-5038
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session...
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
Authentication flaw
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session...
Cross site scripting
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
Directory traversal
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. dot dot in a URI, as demonstrated by a request for /etc/passwd...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for requests that change the WiFi Security field to Deactivated via the WifiSecurity parameter...
Code injection
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
CVE-2013-5218
Cross-site scripting XSS vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...
CVE-2013-5220
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service device crash via crafted HTTP POST data...
CVE-2013-5039
The CVE-2013-5039 entry concerns the HOTBOX router (SAGEMCOM HOTBOX F@st 3184) with firmware 2.1.11. It describes a CSRF flaw in goform/wlanBasicSecurity that lets an attacker hijack administrator authentication to set WifiSecurity to Deactivated. Public material (e.g., exploit-db, packetstorm, 0...