12 matches found
EUVD-2016-10300
Malware in sbrugna...
EUVD-2016-10301
Malware in sbrugna...
EUVD-2016-10302
Malware in sbrugna...
CVE-2016-9495
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port 23 can be obtained through using one of a few default credentials shared among all devices...
CVE-2016-9494
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may...
CVE-2016-9497
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many...
CVE-2016-9494
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may...
Input validation
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may...
Design/Logic Flaw
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://ip/com/gatewayreset or http://ip/cgi/reboot.bin to cause the modem to reboot...
Authentication flaw
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many...
CVE-2016-9495
CVE-2016-9495 affects Hughes broadband satellite modems (HN7740S, DW7000, HN7000S/SM). The root issue is use of hard-coded/default credentials allowing access to port 23 via telnet; OpenVAS notes multiple vulnerabilities in these devices. Affected firmware before 6.9.0.34 is vulnerable; 6.9.0.34+...
CVE-2016-9497 Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many...