Lucene search
K

4 matches found

NVD
NVD
added 2008/03/10 5:44 p.m.14 views

CVE-2008-1261

The Zyxel P-2602HW-D1A router with 3.40AJZ.1 firmware provides different responses to admin page requests depending on whether a user is logged in, which allows remote attackers to obtain current login status by requesting an arbitrary admin URI...

5CVSS6.8AI score0.01205EPSS
Exploits0References3
Prion
Prion
added 2008/03/10 5:44 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the Zyxel P-2602HW-D1A router with 3.40AJZ.1 firmware allow remote attackers to 1 make the admin web server available on the Internet WAN interface via the WWWAccessInterface parameter to Forms/RemMagWWW1 or 2 change the IP whitelisting...

4.3CVSS7.8AI score0.00524EPSS
Exploits0References3
CVE
CVE
added 2008/03/10 5:0 p.m.56 views

CVE-2008-1261

The CVE-2008-1261 entry affects the Zyxel P-2602HW-D1A router (firmware 3.40(AJZ.1)). The vulnerability arises because the device’s admin page responses differ based on whether a user is logged in, enabling remote attackers to learn the current login status by requesting an arbitrary admin URI. T...

5CVSS6.8AI score0.01205EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/03/10 5:0 p.m.63 views

CVE-2008-1260

The CVE-2008-1260 entry affects the Zyxel P-2602HW-D1A router running firmware 3.40(AJZ.1). The described vulnerabilities are CSRF flaws that let remote attackers (no authentication required) influence the device: (1) expose the admin web server on WAN via WWWAccessInterface in Forms/RemMagWWW_1,...

4.3CVSS7.2AI score0.00524EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder