16 matches found
EUVD-2017-5241
Malware in sbrugna...
Axesstel MU553S Cross-Site Request Forgery Vulnerability
The Axesstel MU553S is a router from Axesstel USA. A cross-site request forgery vulnerability exists in cgi-bin/ConfigSet in the Axesstel MU553S MU55XS-V1.14 release. A remote attacker can exploit this vulnerability to perform unauthorized operations...
Axesstel MU553S Default Password Vulnerability
The Axesstel MU553S is a router from Axesstel USA. A security vulnerability exists in the Axesstel MU553S MU55XS-V1.14 version that originates from the use of the default 'admin' password for the administrator account. An attacker can exploit the vulnerability to perform unauthorized operations...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
Default credentials
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
Cross site scripting
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-11351
The CVE-2017-11351 entry concerns Axesstel MU553S/MU55XS-V1.14 devices that ship with the default admin password for the admin account. The root cause is credential exposure via a default credential, leading to potential unauthorized administrative access. Impact is described as high for confiden...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-11350
CVE-2017-11350 is a CSRF vulnerability in the Axesstel MU553S MU55XS-V1.14 devices, specifically in the CGI endpoint /cgi-bin/ConfigSet. The connected CNVD entry confirms the issue on the Axesstel MU553S MU55XS-V1.14 release and describes unauthorized operations via CSRF. CVSS metrics indicate mo...
CVE-2017-11351
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
CVE-2017-13724
CVE-2017-13724 describes a stored Cross-Site Scripting vulnerability in the APN parameter on the Axesstel MU553S MU55XS devices running firmware v1.14, on the Basic Settings page. The affected component is the APN field handling in that page; the root cause is a stored XSS flaw that can persist u...