CVE-2021-40866

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the disabled by default /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8....

Multiple NETGEAR Smart Switches Vulnerable to Input Validation Errors

GC108P and other smart switch products from Netgear, U.S.A. Several of Netgear's smart switches are vulnerable to an input validation error, which stems from a failure of the daemon to check for validation when an authentication TLV is missing from an incoming NSDP packet. An unauthenticated...

CVE-2021-40866

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the disabled by default /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8....

CVE-2020-25078

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. Recent assessments: kevthehermit at March 04, 2021 12:03am UTC reported: Vulnerability The D-LInk...

WESPA PHP Newsletter 3.0 Administrator Password Change

"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...