18 matches found
EUVD-2015-7213
Malware in sbrugna...
EUVD-2015-7211
Malware in sbrugna...
EUVD-2015-7212
Malware in sbrugna...
ReadyNet WRT300N-DD devices with firmware license issue vulnerability
ReadyNet WRT300N-DD devices with firmware is a wireless router product from ReadyNet New Zealand. An authorization issue vulnerability exists in ReadyNet WRT300N-DD devices with firmware 1.0.26. This allows remote attackers to gain administrative privileges by exploiting a LAN session...
ReadyNet WRT300N-DD devices with firmware spoofing vulnerability
ReadyNet WRT300N-DD devices with firmware is a wireless router product from ReadyNet New Zealand. A spoofing vulnerability exists in ReadyNet WRT300N-DD devices with firmware 1.0.26. Since the devices use the same source port for DNS lookups, a remote attacker could select this number as the...
ReadyNet WRT300N-DD devices with firmware cross-site request forgery vulnerability
ReadyNet WRT300N-DD devices with firmware is a wireless router product from ReadyNet New Zealand. The ReadyNet WRT300N-DD devices with firmware 1.0.26 suffers from a cross-site request forgery vulnerability. This allows remote attackers to hijack the authentication of arbitrary user identities...
CVE-2015-7282
ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port...
CVE-2015-7281
Cross-site request forgery CSRF vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2015-7280
The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
Default credentials
The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users...
Design/Logic Flaw
ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port...
CVE-2015-7280
The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session...
CVE-2015-7282
ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port...
CVE-2015-7280
The CVE-2015-7280 entry affects ReadyNet WRT300N-DD devices (firmware 1.0.26). The vulnerability arises from default credentials (admin/admin) on the web administration interface, enabling a LAN‑based attacker to obtain administrative privileges. Impact is compatible with a high/severe rating (NV...
CVE-2015-7281
The vulnerability CVE-2015-7281 affects ReadyNet WRT300N-DD devices running firmware 1.0.26. A CSRF flaw allows an attacker to hijack the authentication of arbitrary users, by exploiting requests made within a user’s session, effectively acting with the victim’s privileges. The CNVD entry for Rea...
CVE-2015-7282
The CVE-2015-7282 entry concerns ReadyNet WRT300N-DD devices (firmware 1.0.26) where DNS queries use a fixed source port. This behavior enables a remote attacker to spoof DNS responses by choosing that destination port, potentially affecting LAN clients by redirecting them to attacker-controlled ...
CVE-2015-7281
Cross-site request forgery CSRF vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users...