17 matches found
EUVD-2017-5241
Malware in sbrugna...
The vulnerability of the Microprogrammed Routing Software of the Axesstel MU553S router lies in the use of the default standard password for the administrator account, allowing attackers to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the microprogrammed routing software Axesstel MU553S is related to the default use of a standard password for the administrator account. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...
Axesstel MU553S Default Password Vulnerability
The Axesstel MU553S is a router from Axesstel USA. A security vulnerability exists in the Axesstel MU553S MU55XS-V1.14 version that originates from the use of the default 'admin' password for the administrator account. An attacker can exploit the vulnerability to perform unauthorized operations...
Axesstel MU553S Cross-Site Request Forgery Vulnerability
The Axesstel MU553S is a router from Axesstel USA. A cross-site request forgery vulnerability exists in cgi-bin/ConfigSet in the Axesstel MU553S MU55XS-V1.14 release. A remote attacker can exploit this vulnerability to perform unauthorized operations...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
Cross site scripting
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
Default credentials
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
CVE-2017-13724
CVE-2017-13724 describes a stored Cross-Site Scripting vulnerability in the APN parameter on the Axesstel MU553S MU55XS devices running firmware v1.14, on the Basic Settings page. The affected component is the APN field handling in that page; the root cause is a stored XSS flaw that can persist u...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-11350
CVE-2017-11350 is a CSRF vulnerability in the Axesstel MU553S MU55XS-V1.14 devices, specifically in the CGI endpoint /cgi-bin/ConfigSet. The connected CNVD entry confirms the issue on the Axesstel MU553S MU55XS-V1.14 release and describes unauthorized operations via CSRF. CVSS metrics indicate mo...
CVE-2017-11351
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
CVE-2017-11351
The CVE-2017-11351 entry concerns Axesstel MU553S/MU55XS-V1.14 devices that ship with the default admin password for the admin account. The root cause is credential exposure via a default credential, leading to potential unauthorized administrative access. Impact is described as high for confiden...