30 matches found
EUVD-2018-4499
Malware in sbrugna...
EUVD-2018-4498
Malware in sbrugna...
intex-piscine.be Cross Site Scripting vulnerability OBB-3398858
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-piscine.be Cross Site Scripting vulnerability OBB-3386197
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-piscine.be Cross Site Scripting vulnerability OBB-3372450
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-piscine.be Cross Site Scripting vulnerability OBB-3342325
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-piscine.be Cross Site Scripting vulnerability OBB-2987514
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-piscine.be Cross Site Scripting vulnerability OBB-2965890
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
intex-air.ru Cross Site Scripting vulnerability OBB-1224433
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Intex N150 Device Cross-Site Request Forgery Vulnerability
Intex N150 devices is a wireless router product from Intex Technologies, India. A cross-site request forgery vulnerability exists in the router firmware in Intex N150 devices. A remote attacker can exploit this vulnerability to change user passwords and router settings...
Design/Logic Flaw
An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability...
Design/Logic Flaw
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings...
CVE-2018-12529
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings...
CVE-2018-12528
An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability...
CVE-2018-12528
An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability...
CVE-2018-12529
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings...
CVE-2018-12528
CVE-2018-12528 affects Intex N150 devices. The vulnerability arises in the backup/restore import flow, which does not validate the file extension of the configuration backup, enabling a crafted file to corrupt router firmware settings or be uploaded as malicious content. An attacker could upload ...
CVE-2018-12529
CVE-2018-12529 affects Intex N150 router firmware. It describes multiple CSRF injection points enabling an attacker to change user passwords and router settings. Root cause: CSRF vulnerabilities in the firmware. Impact: unauthorized configuration changes and credential modifications. Public refer...
Intex Router N-150 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Intex Router N-150 - Cross-Site Request Forgery Add Admin Exploit Author: Navina Asrani Version: N-150 Category: Router Firmware 1. Description The firmware allows malicious request to be executed without verifying source...
Intex Router N-150 Arbitrary File Upload
Exploit Title:aa Intex Router N-150 - Arbitrary File Upload Date: 2018-06-23 Exploit Author: Samrat Das Version: N-150 CVE : N/A Category: Router Firmware 1. Description The firmware allows malicious files to be uploaded without any checking of extensions and allows filed to be uploaded. 2. Proof...