25 matches found
EUVD-2020-20194
Malware in sbrugna...
CVE-2020-27692
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings responsible for managing devices remotely. This makes it possibl...
Verve Connect VH510 Cross-Site Scripting Vulnerability
The Verve Connect VH510 is a hub for home applications from Verve Connect UK. The device regenerates and shapes and amplifies the received signals to extend the transmission distance of the network while concentrating all the nodes in the node centered on it. A cross-site scripting vulnerability...
Verve Connect VH510 Cross-Site Request Forgery Vulnerability
The Verve Connect VH510 is a hub for home applications from Verve Connect UK. The device regenerates and shapes and amplifies the received signal to extend the transmission distance of the network while concentrating all nodes on the node centered on it. Verve Connect VH510 has a cross-site reque...
Verve Connect VH510 Buffer Overflow Vulnerability
The Verve Connect VH510 is a hub for home applications from Verve Connect UK. The device regenerates and shapes and amplifies the received signal to extend the transmission distance of the network while concentrating all nodes on the node centered on it. A buffer overflow vulnerability exists in...
CVE-2020-27690
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes...
CVE-2020-27691
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings...
CVE-2020-27691
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings...
CVE-2020-27692
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings responsible for managing devices remotely. This makes it possibl...
CVE-2020-27692
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings responsible for managing devices remotely. This makes it possibl...
CVE-2020-27690
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes...
Cross site scripting
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings...
Cross site request forgery (csrf)
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings responsible for managing devices remotely. This makes it possibl...
Buffer overflow
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes...
CVE-2020-27689
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a...
CVE-2020-27689
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a...
Design/Logic Flaw
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a...
CVE-2020-27692
The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings responsible for managing devices remotely. This makes it possibl...
CVE-2020-27692
The CVE-2020-27692 entry concerns the Relish (Verve Connect) VH510 hub, with firmware prior to 1.0.1.6L0516. Multiple CSRF flaws exist in the device’s web management portal that can be leveraged to modify TR-069 configuration, enabling remote reboot or uploading malicious firmware. Connected sour...
CVE-2020-27691
The CVE-2020-27691 entry concerns the Verve Connect VH510 (Relish) gateway. Affected firmware versions prior to 1.0.1.6L0516 are vulnerable to cross-site scripting (XSS) via the device’s UI settings pages: URLBlocking, SNMP, and System Log settings. The root cause is an input handling flaw in the...