13 matches found
EUVD-2015-2993
Malware in sbrugna...
CVE-2016-1288
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service service outage by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability on Actiontec GT784WN modems with firmware before NCS01-1.0.13 allows remote attackers to hijack the authentication or intranet connectivity of arbitrary users...
CVE-2015-2905
The CVE-2015-2905 entry affects the Actiontec GT784WN Wireless N DSL Modem. The vulnerability is a Cross-Site Request Forgery (CSRF) in firmware versions prior to NCS01-1.0.13, which enables a remote attacker to hijack authentication or an intranet connection for arbitrary users. Affected device:...
CVE-2015-2905
Cross-site request forgery CSRF vulnerability on Actiontec GT784WN modems with firmware before NCS01-1.0.13 allows remote attackers to hijack the authentication or intranet connectivity of arbitrary users...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 allow remote attackers to 1 hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or...
CVE-2011-0886
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 allow remote attackers to 1 hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or...
CVE-2011-0886
The CVE-2011-0886 entry refers to CSRF flaws in the Comcast DOCSIS 3.0 Business Gateway (SMCD3G-CCR) web interface prior to firmware 1.4.0.49.2. Vulnerabilities include: (1) login CSRF that can hijack intranet connectivity, (2) CSRF allowing remote admin activation via goform/RemoteRange, and (3)...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd...
CVE-2009-1561
Cross-site request forgery CSRF vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd...
CVE-2008-6605
Cross-site request forgery CSRF vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that...
CVE-2009-0940
Multiple cross-site request forgery CSRF vulnerabilities in the HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that 1 print documents via unknown vectors, 2 modif...
CVE-2009-0940
The CVE-2009-0940 entry describes multiple CSRF vulnerabilities in the HP Embedded Web Server (EWS) used by HP LaserJet printers, Edgeline printers, and Digital Senders. The vulnerabilities allow an attacker to hijack a user’s intranet connectivity to perform requests such as (1) printing documen...