Lucene search
K

64 matches found

CVE
CVE
added 2014/03/28 9:0 p.m.58 views

CVE-2014-1982

The CVE-2014-1982 issue affects Allied Telesis AT-RG634A ADSL Broadband router (3.3+), plus related firmware (iMG624A 3.5, iMG616LH 2.4, iMG646BD 3.5). The root cause is OS command injection via a direct request to cli.html, enabling remote attackers to gain privileges and execute arbitrary comma...

10CVSS7.9AI score0.09905EPSS
Exploits7References2Affected Software2
Cvelist
Cvelist
added 2014/03/28 9:0 p.m.23 views

CVE-2014-1982

The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, and iMG646BD firmware 3.5 allows remote attackers to gain privileges and execute arbitrary commands via a direct request to cli.html...

7.7AI score0.09905EPSS
Exploits7References2
0day.today
0day.today
added 2014/03/27 12:0 a.m.40 views

Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell

Exploit for hardware platform in category web applications Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing...

10CVSS0.1AI score0.09905EPSS
Exploits7
exploitpack
exploitpack
added 2014/03/26 12:0 a.m.30 views

Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell

Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing...

10CVSS0.3AI score0.09905EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/03/26 12:0 a.m.38 views

Allied Telesis AT-RG634A Unauthenticated Webshell

Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function Affected products: - Allied Teles...

10CVSS0.4AI score0.09905EPSS
Exploits7
Exploit DB
Exploit DB
added 2014/03/26 12:0 a.m.41 views

Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell

Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Function Affected products: - Allied Teles...

10CVSS6.5AI score0.09905EPSS
Exploits7
securityvulns
securityvulns
added 2013/02/11 12:0 a.m.103 views

DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up

A few weeks ago, we have announced remote preauth root access exploit for Cisco Linksys http://www.youtube.com/watch?v=cv-MbL7KFKE. Vulnerability details were disclosed here: http://www.defensecode.com/public/DefenseCodeBroadcomSecurityAdvisory.pdf During further research, we have discovered that...

0.6AI score
Exploits0
0day.today
0day.today
added 2013/01/03 12:0 a.m.26 views

Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access

Exploit for hardware platform in category remote exploits Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access Device: "The AT-MCF2000M is the management module for the AT-MCF2000 two-slot chassis. With the AT-MCF2000M management module, if there is a blade failure, insertion or removal, yo...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/03 12:0 a.m.29 views

Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2013-01-02 Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access Device: "The AT-MCF2000M is the management module for the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/01/03 12:0 a.m.13 views

Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution

Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2013-01-02 Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Acces...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/03 12:0 a.m.23 views

Allied Telesis AT-MCF2000M 3.0.2 Local Root

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2013-01-02 Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access Device: "The AT-MCF2000M is the management module for the...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/19 12:0 a.m.44 views

ManageEngine Device Expert 5.6 Directory Traversal

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against:...

Exploits0
exploitpack
exploitpack
added 2012/03/19 12:0 a.m.37 views

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/19 12:0 a.m.41 views

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against:...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/27 6:28 p.m.30 views

Vendor's List Of Backdoor Accounts Leaked Online

An internal document listing the backdoor accounts for switches manufactured by networking equipment vendor Allied Telesis was circulating online Friday, a day after an internal support page providing instructions on accessing hard coded back door accounts in the company’s products was found to b...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/05/26 4:33 p.m.9 views

Hardware Vendor Offers Backdoor with Every Product

IT administrators know there’s nothing more frustrating than losing administrative access to your network equipment. But Allied Telesis, a Japan-based maker of switches, routers and other networking devices, has a fix: guaranteed backdoors for every product. That revelation comes after a support...

0.4AI score
Exploits0References5
NVD
NVD
added 2006/12/23 11:28 a.m.15 views

CVE-2006-6717

The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations...

7.5CVSS6.8AI score0.01402EPSS
Exploits0References5
NVD
NVD
added 2006/12/23 11:28 a.m.17 views

CVE-2006-6718

The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions...

7.5CVSS6.9AI score0.01201EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/12/23 11:0 a.m.20 views

CVE-2006-6717

The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations...

6.8AI score0.01402EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/12/23 11:0 a.m.22 views

CVE-2006-6718

The Allied Telesis AT-9000/24 Ethernet switch has a default password for its admin account, "manager," which allows remote attackers to perform unauthorized actions...

6.9AI score0.01201EPSS
Exploits0References1
Rows per page
Query Builder