25 matches found
EUVD-2016-3315
Malware in sbrugna...
EUVD-2009-4167
Malware in sbrugna...
EUVD-2009-4166
Malware in sbrugna...
Huawei SmartAX MT882 Denial of Service Vulnerability
Huawei SmartAX MT882 is a router product. A denial of service vulnerability exists in the Huawei SmartAX MT882 device V200R002B022 Arg, where the WHIP service relies on the client sending a length field. This could allow a remote attacker to cause a denial of service via a data stream constructed...
Huawei SmartAX MT882 Denial of Service Vulnerability (CNVD-2016-01127)
Huawei SmartAX MT882 is a router product. A denial of service vulnerability in GlobespanVirata ftpd 1.0 in the Huawei SmartAX MT882 device V200R002B022 Arg allows remote users to create directories with longer names using the FTP MKD command, and then cause a denial of service with other commands...
CVE-2016-2314
GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service device outage by using the FTP MKD command to create a directory with a long name, and then using certain other commands...
CVE-2016-2314
GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service device outage by using the FTP MKD command to create a directory with a long name, and then using certain other commands...
CVE-2016-2231
The Windows-based Host Interface Program WHIP service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service device outage or possibly have unspecified other...
CVE-2016-2231
The Windows-based Host Interface Program WHIP service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service device outage or possibly have unspecified other...
Design/Logic Flaw
The Windows-based Host Interface Program WHIP service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service device outage or possibly have unspecified other...
CVE-2016-2314
CVE-2016-2314 affects Huawei SmartAX MT882 devices running GlobespanVirata ftpd 1.0. The underlying issue allows remote authenticated users to trigger a denial of service (device outage) by creating an excessively long directory name with the FTP MKD command and then issuing additional FTP comman...
CVE-2016-2231
The Windows-based Host Interface Program WHIP service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service device outage or possibly have unspecified other...
CVE-2016-2231
The CVE-2016-2231 issue affects Huawei SmartAX MT882 devices (V200R002B022 Arg) where the WHIP service relies on a client-supplied length field that must match the buffer size. A crafted TCP traffic sequence to port 8701 can exploit this mismatch to cause a denial of service (device outage) and p...
CVE-2013-6786
Cross-site scripting XSS vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitra...
CVE-2013-6786
CVE-2013-6786 is an XSS vulnerability in Allegro RomPager prior to 4.51 used on ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D‑Link DSL-2640R/2641R. The flaw arises when the forbidden author header protection is bypassed, allowing remote attackers to inject arbitrary web sc...
CVE-2009-4196
Multiple cross-site scripting XSS vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the 1 BackButton parameter to error1; 2 wzConnFlag parameter to freshpppoe1; 3...
Default credentials
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...
CVE-2009-4197
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the 1 BackButton parameter to error1; 2 wzConnFlag parameter to freshpppoe1; 3...
CVE-2009-4197
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...