16 matches found
TOTOLINK X6000R stun_user parameter command execution vulnerability
TOTOLINK X6000R is a wireless router from China Gion Electronics that supports WiFi 6 technology with high concurrent connections and dual-band transmission. TOTOLINK X6000R suffers from a command execution vulnerability, which originates from the sub4119A0 function's stunuser parameter failing t...
Moxa EDR-810, EDR-G902, EDR-G903 Series Security Breach
MOXA Moxa EDR-810 and so on are the products of China MOXA company.Moxa EDR-810 is a security router.Moxa EDR-G903 is an industrial security router device integrating firewall/NAT/VPN.Moxa EDR-G902 is an industrial security router device integrating firewall/NAT/VPN.Moxa EDR-G902 is an industrial...
Halon Security Router < 3.2r2 Multiple Vulnerabilities
According to its self-reported version, the instance of Halon Security Router running on the remote host is affected by multiple vulnerabilities : - Multiple reflected cross-site scripting vulnerabilities exist in the web interface due to a failure to sanitize user-supplied input. - Multiple...
Halon Security Router User Interface Default Credentials
The remote Halon Security Router user interface uses a known set of default credentials. An attacker with access to the service can gain administrative access to the device. Additionally, these credentials allow SSH if enabled access to the device with root privileges. %NASLMINLEVEL 70300 C Tenab...
Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities
No description provided by source. ADVISORY INFORMATION Advisory Name: Multiple Security Vulnerabilities in Halon Security Router Date published: 2014-04-07 Vendors contacted: Halon Security http://www.halon.se Researcher: Juan Manuel Garcia http://www.linkedin.com/in/juanmagarcia VULNERABILITIES...
Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities
Halon Security Router SR 3.2-winter-r1 - Multiple Vulnerabilities ADVISORY INFORMATION Advisory Name: Multiple Security Vulnerabilities in Halon Security Router Date published: 2014-04-07 Vendors contacted: Halon Security http://www.halon.se Researcher: Juan Manuel Garcia...
Halon Security Router XSS / CSRF / Open Redirect
ADVISORY INFORMATION Advisory Name: Multiple Security Vulnerabilities in Halon Security Router Date published: 2014-04-07 Vendors contacted: Halon Security http://www.halon.se Researcher: Juan Manuel Garcia http://www.linkedin.com/in/juanmagarcia VULNERABILITIES INFORMATION Vulnerabilities: 1...
Halon Security Router (SR) =< v3.2-winter-r1 Multiple Vulnerabilities
I found the following security vulnerabilities in Security Router v3.2-winter-r1 and earlier: 1. Reflected Cross-Site Scripting XSS OWASP Top 10 2013-A3 2. Cross-site Request Forgery CSRF OWASP Top 10 2013-A8 3. Open Redirect OWASP Top 10 2013-A10 Vulnerable Software Link:...
Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities
ADVISORY INFORMATION Advisory Name: Multiple Security Vulnerabilities in Halon Security Router Date published: 2014-04-07 Vendors contacted: Halon Security http://www.halon.se Researcher: Juan Manuel Garcia http://www.linkedin.com/in/juanmagarcia VULNERABILITIES INFORMATION Vulnerabilities: 1...
Undocumented Test Interface in Cisco Small Business Devices
A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Note: Additional research...
CVE-2011-1647
The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified...
Design/Logic Flaw
The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote authenticated users to execute arbitrary commands via the 1 ping test parameter ...
CVE-2011-1645
The CVE-2011-1645 vulnerability affects Cisco RVS4000 and WRVS4400N Gigabit Security Routers. The flaw is in the web management interface, where an unauthenticated remote attacker can read the device’s backup configuration file, which can contain sensitive data such as HTTP passwords and VPN pre-...
CVE-2011-1646
CVE-2011-1646 affects Cisco RVS4000 (v1/v2) and WRVS4400N; web management interface allows a remote authenticated user to execute arbitrary commands by injecting into the ping test or traceroute test parameters. Root on the OS can be compromised with authenticated access; configuration backups ma...
CVE-2010-0593
The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Camera before 1.1.2.6, WVC200 Wireless-G PTZ Internet Video Camera before 1.1.1.15, WVC210 Wireless-G PTZ Internet Video Camera before 1.1.1.15, and WVC2300 Wireless-G Business Internet Video Camera...
netgear.txt
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ =+ NetGear RO318 HTTP Filter Advisory =+ =+ Null Byte Security =+ =+ http://home.tampabay.rr.com/nbs/ =+ =+ don't call it a come back =+ =+ [email protected] =+...