14 matches found
EUVD-2014-7148
Malware in sbrugna...
EUVD-2014-7149
Malware in sbrugna...
ZyXEL SBG-3300 Security Gateway Cross Site Scripting Vulnerability
ZyXEL SBG-3300 Security Gateway suffers from a cross site scripting vulnerability. Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7277 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time o...
ZyXEL SBG-3300 security vulnerabilities
DoS, crossite scripting...
CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway
Vulnerability Title: DoS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7278 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko Casadei Disclosur...
CVE-2014-7278
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to cause a denial of service persistent web-interface outage via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginM...
CVE-2014-7277
Cross-site scripting XSS vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the...
Cross site scripting
Cross-site scripting XSS vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the...
Design/Logic Flaw
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to cause a denial of service persistent web-interface outage via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginM...
CVE-2014-7277
The ZyXEL SBG-3300 Security Gateway (firmware up to 1.00(AADY.4)C0) is affected by CVE-2014-7277, a Stored Server XSS in the login page. The vulnerability arises from improper handling of the loginMessage element during rendering of the login page, allowing remote attackers to inject arbitrary we...
CVE-2014-7278
CVE-2014-7278 affects ZyXEL SBG-3300 Security Gateway (firmware 1.00(AADY.4)C0 and earlier). The vulnerability allows remote attackers to trigger a Denial of Service by injecting JavaScript in the loginMsg used by the login page’s welcome message form, causing a persistent web-interface outage. T...
CVE-2014-7277
Cross-site scripting XSS vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the...
CVE-2014-7278
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00AADY.4C0 and earlier allows remote attackers to cause a denial of service persistent web-interface outage via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginM...
ZyXEL SBG-3300 Security Gateway Cross Site Scripting
Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway Date: 02/10/2014 CVE-ID: CVE-2014-7277 Product: ZyXEL SBG3300-N series Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure V1.00AADY.4C0 and below tested Patch: Unpatched Authored by: Mirko...