CVE-2014-8653

Cross-site scripting XSS vulnerability in Compal Broadband Networks CBN CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to inject arbitrary web script or HTML via the userData cookie...

Authentication flaw

The Compal Broadband Networks CBN CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to bypass authentication and obtain sensitive information via an a admin or a b root value in the userData cookie in a request to 1 CmgwWirelessSecurity.xml, 2...

CVE-2014-8655

The Compal Broadband Networks CBN CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to bypass authentication and obtain sensitive information via an a admin or a b root value in the userData cookie in a request to 1 CmgwWirelessSecurity.xml, 2...

CVE-2014-8653

Cross-site scripting XSS vulnerability in Compal Broadband Networks CBN CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to inject arbitrary web script or HTML via the userData cookie...

CVE-2014-8653

CVE-2014-8653 affects Compal Broadband Networks CH6640E/CG6640E Wireless Gateway (model CH6640/CH6640E, firmware CH6640-3.5.11.7-NOSH). The primary issue is an XSS flaw exposed via the userData cookie, enabling remote injection of arbitrary script/HTML. The ZSL report expands this to multiple vul...