8 matches found
EUVD-2017-2990
Malware in sbrugna...
EUVD-2019-4673
Malware in sbrugna...
CVE-2019-13140
Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...
CVE-2019-13140
Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...
Design/Logic Flaw
Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. Exploitation is sometimes easy because the "user" password might be "user" or might match the Wi-Fi key...
CVE-2017-11361
Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. Exploitation is sometimes easy because the "user" password might be "user" or might match the Wi-Fi key...
CVE-2017-11361
Inteno routers are affected by CVE-2017-11361 due to a JUCI ACL misconfiguration. The issue allows the low-privilege "user" account to read and write files and to add a root SSH key by sending JSON commands to ubus. Exploitation is sometimes easy because the "user" password might be the default "...
Inteno DG301 routers code execution
Code execution via web interface...