20 matches found
EUVD-2020-26939
Malware in sbrugna...
EUVD-2020-26940
Malware in sbrugna...
EUVD-2020-26938
Malware in sbrugna...
CVE-2020-5781
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...
CVE-2020-5782
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...
CVE-2020-5783
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...
CVE-2020-5783
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...
CVE-2020-5783
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...
CVE-2020-5781
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...
CVE-2020-5781
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...
CVE-2020-5782
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...
Design/Logic Flaw
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...
Cross site request forgery (csrf)
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...
Design/Logic Flaw
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...
CVE-2020-5781
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file /etc/config/luci by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users...
CVE-2020-5781
Vulnerability CVE-2020-5781 affects IgniteNet HeliOS GLinq v2.2.1 r2961. The langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function; when manipulated with arbitrary JavaScript, this triggers a denial-of-service condition for all ...
CVE-2020-5782
In IgniteNet HeliOS GLinq v2.2.1 r2961, a login action that sets the ‘wan_type’ parameter can render the WAN interface unreachable, causing a denial-of-service condition for devices relying on that connection. This is the core vulnerability described across multiple sources (NVD, Red Hat, PRION, ...
CVE-2020-5782
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wantype’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection...
CVE-2020-5783
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms...
CVE-2020-5783
CVE-2020-5783 affects IgniteNet HeliOS GLinq v2.2.1 r2961. The connected documents provide concrete detail: the login functionality lacks CSRF protection, creating a CSRF risk for authenticated sessions. No explicit exploit details, affected components beyond the login mechanism, or remediation s...