EUVD-2012-3867

Malware in sbrugna...

EUVD-2012-3868

Malware in sbrugna...

CVE-2014-4154

ZTE ZXV10 W300 router with firmware W300V1.0.0aZRDLK stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the PPPoE/PPPoA password via a direct request for basic/tc2wanfun.js...

CVE-2014-4154

The CVE-2014-4154 entry concerns the ZTE ZXV10 W300 router (firmware W300V1.0.0a_ZRD_LK). The issue is improper access control that stores sensitive information under the web root, enabling remote attackers to retrieve the PPPoE/PPPoA password via a direct request to basic/tc2wanfun.js. The docum...

ZTE WXV10 W300 - Multiple Vulnerabilities

No description provided by source. Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x8664 Exploit...

ZTE WXV10 W300 - Multiple Vulnerabilities

ZTE WXV10 W300 - Multiple Vulnerabilities Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x8664...

Cisco IOS SSL VPN Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service DoS condition on a targeted system. The vulnerability is due to an error in the SSL VPN component of the affected software. An authenticated, remote attacker could exploit...

CVE-2012-3924

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service device crash via a session involving a PPP over ATM PPPoA interface, aka Bug ID CSCty97961...

Code injection

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service device crash via a session involving a PPP over ATM PPPoA interface, aka...

Design/Logic Flaw

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service device crash via a session involving a PPP over ATM PPPoA interface, aka Bug ID CSCty97961...

CVE-2012-3924

Cisco IOS SSL VPN DTLS implementation (15.1/15.2) contains a DoS by mis-handling certain outbound ACL configurations, enabling an authenticated remote user to crash the device via a PPPoA session (Bug ID CSCty97961). Exploitation involves SSL VPN traffic terminating over PPPoA; Cisco has released...

CVE-2012-3924

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service device crash via a session involving a PPP over ATM PPPoA interface, aka Bug ID CSCty97961...