24 matches found
EUVD-2023-54353
Malicious code in bioql PyPI...
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
CVE-2023-4498 Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only...
CVE-2023-4498 Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only...
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
Design/Logic Flaw
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
CVE-2022-36200
CVE-2022-36200 affects FiberHome VDSL2 Modem HG150-Ub_V3.0. The admin credentials are submitted in the URL, creating risk of logging/sniffing and exposure of confidential data. The vulnerability is described across multiple sources (NVD entry mirrors a network-accessible issue with high impact on...
FiberHome VDSL2 Modem HG150-Ub Cross Site Scripting Vulnerability
FiberHome VDSL2 Modem HG150-Ub is a router device from FiberHome.A cross-site scripting vulnerability exists in FiberHome VDSL2 Modem HG150-Ub V3.0, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to conduct...
Cross site scripting
In FiberHome VDSL2 Modem HG150-UbV3.0, a stored cross-site scripting XSS vulnerability in Parental Control -- Access Time Restriction -- Username field, a user cannot delete the rule due to the XSS...
CVE-2021-41946
CVE-2021-41946 affects FiberHome VDSL2 Modem HG150-Ub_V3.0. The issue is a stored cross-site scripting (XSS) vulnerability in the Parental Control path (Access Time Restriction -> Username field) that prevents deleting a rule due to the XSS. Public references (NVD and Red Hat) document the fla...
Telus Actiontec T2200H Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Device Details Discovered By: Andrew Klaus [email protected] Vendor: Actiontec Telus Branded Model: T2200H Affected Firmware: T2200H-31.128L.08 Device Manual: http://static.telus.com/common/cms/files/internet/telust2200husermanu al.pdf Reported: Sept...
FiberHome VDSL2 Modem HG 150-UB Security Bypass Vulnerability
FiberHome VDSL2 Modem HG 150-UB is a modem product from China FiberHome. A security vulnerability exists in the FiberHome VDSL2 Modem HG 150-UB. The vulnerability can be exploited to bypass authentication with the 'Cookie: Name=0admin' header...
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard...
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an...
CVE-2018-9248
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header...
Authentication flaw
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...
CVE-2018-9249
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...
CVE-2018-9248
CVE-2018-9248 affects FiberHome VDSL2 Modem HG 150-UB. The flaw allows authentication bypass via the HTTP cookie header “Cookie: Name=0admin” due to improper session handling and a hard-coded/plain-text cookie. Public evidence (NVD entry, CNVD-2018-08815, Exploit-DB entry) confirms the bypass can...
CVE-2018-9249
The CVE-2018-9249 issue affects FiberHome VDSL2 Modem HG 150-UB where authentication can be bypassed by the device’s response not enforcing login.html, due to the client-side JavaScript check (parent.location='login.html') being ignored on unauthenticated requests. Affected component: the modem’s...