25 matches found
EUVD-2012-3025
Malware in sbrugna...
EUVD-2010-2046
Malware in sbrugna...
CVE-2010-2025
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that 1 reset the modem, 2 erase the...
CVE-2010-2082
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password aka SAPassword of W2402, which makes it easier for remote attackers to obtain privileged access...
CVE-2010-2026
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...
Scientific Atlanta DPX2100 Cable Modem LanD Packet Denial of Service Vulnerability
No description provided by source. source: www.securityfocus.com/bid/15870/info Scientific Atlanta DPX2100 cable modems are prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets. This issue allows...
CVE-2013-7043
Multiple cross-site request forgery CSRF vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that 1 change a password via the Password parameter to goform/RgSecurity; 2...
CVE-2012-3047
The CVE-2012-3047 issue affects Cisco Scientific Atlanta D20 and D30 cable modems, where the web-wizard setup page is vulnerable to Cross-site Scripting (XSS). The root cause is insufficient sanitization of user-supplied input on the web wizard setup page, enabling an unauthenticated, remote atta...
CVE-2013-7043
CVE-2013-7043 covers multiple CSRF vulnerabilities in Cisco Scientific Atlanta DPR2320R2 routers running 2.0.2r1262-090417. The issues allow remote attackers to hijack administrator sessions and perform actions such as: (1) change a password via the Password parameter to goform/RgSecurity, (2) re...
Scientific-Atlanta, Inc. DPR2320R2 - Multiple Cross-Site Request Forgery Vulnerabilities
Exploit Title: DPR2320R2 Scientific-Atlanta, Inc.A Cisco COMPANY :: Multiple CSRF vulnerability Author: sajith Category: Hardware/Wireless Router vendor home page: http://www.cisco.com/web/consumer/support/modemDPR2320.html Software Version: v2.0.2r1262-090417 1 Attacker can change the modem...
Cisco Scientific Atlanta D20 and D30 Based Cable Modem Cross-Site Scripting Vulnerability
Cisco Scientific Atlanta cable modems D20 and D30 based products contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient sanitization of user-supplied input to the web wizard setup web page. An...
CVE-2010-2026
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that 1 reset the modem, 2 erase the...
Default credentials
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password aka SAPassword of W2402, which makes it easier for remote attackers to obtain privileged access...
CVE-2010-2026
The CVE-2010-2026 entry applies to Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modems. The web interface (firmware 2.0.2r1256-060303) is vulnerable to cross-site request forgery (CSRF) and insufficient authentication, allowing remote attackers to bypass authentication and reset the modem or ...
CVE-2010-2082
The CVE-2010-2082 entry concerns the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem. Affected component: the web interface on firmware 2.0.2r1256-060303. Root cause: default administrator password (SAPassword) W2402 is known, enabling easier privileged access for remote attackers. Impact ...
CVE-2010-2025
Cisco WebSTAR DPC2100R2 cable modem (firmware 2.0.2r1256-060303) is affected by CSRF and insufficient authentication in its web interface, enabling remote attackers to hijack administrator actions such as resetting the modem, erasing or changing firmware, and altering the admin password via reque...
Scientific Atlanta DPC2100 cable modems security vulnerabilities
Crossite request forgery. Authentication bypass...
Scientific Atlanta DPC2100 Cable Modem Cross Site Request Forgery
=============================================================== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 =============================================================== ==Description== Scientific...
Scientific Atlanta DPX2100 Comcast-supplied Default Password (deprecated)
Binary data 4900.prm...