11 matches found
EUVD-2017-7755
Malware in sbrugna...
EUVD-2017-7756
Malware in sbrugna...
Vonage HT802 Cross-Site Request Forgery Vulnerability
The Vonage Grandstream HT802 devices is a home gateway device from Vonage USA. A cross-site request forgery vulnerability exists in the Basic Settings screen on Vonage Grandstream HT802 devices. A remote attacker could exploit this vulnerability to change settings...
Vonage HT802 Cross-Site Scripting Vulnerability
The Vonage Grandstream HT802 devices is a home gateway device from Vonage USA. A cross-site scripting vulnerability exists in /cgi-bin/config2 on Vonage Grandstream HT802 devices. A remote user can exploit the vulnerability to inject arbitrary web script or HTML via the DHCP vendor class ID field...
CVE-2017-16563
Cross-Site Request Forgery CSRF in the Basic Settings screen on Vonage Grandstream HT802 devices allows attackers to modify settings, related to cgi-bin/update...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...
CVE-2017-16564
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...
CVE-2017-16565
Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...
CVE-2017-16563
Cross-Site Request Forgery CSRF in the Basic Settings screen on Vonage Grandstream HT802 devices allows attackers to modify settings, related to cgi-bin/update...
CVE-2017-16564
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...