11 matches found
EUVD-2017-7755
Malware in sbrugna...
EUVD-2017-7756
Malware in sbrugna...
Vonage HT802 Cross-Site Request Forgery Vulnerability
The Vonage Grandstream HT802 devices is a home gateway device from Vonage USA. A cross-site request forgery vulnerability exists in the Basic Settings screen on Vonage Grandstream HT802 devices. A remote attacker could exploit this vulnerability to change settings...
Vonage HT802 Cross-Site Scripting Vulnerability
The Vonage Grandstream HT802 devices is a home gateway device from Vonage USA. A cross-site scripting vulnerability exists in /cgi-bin/config2 on Vonage Grandstream HT802 devices. A remote user can exploit the vulnerability to inject arbitrary web script or HTML via the DHCP vendor class ID field...
CVE-2017-16564
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...
CVE-2017-16565
Cross-Site Request Forgery CSRF in /cgi-bin/login on Vonage Grandstream HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests...
CVE-2017-16563
Cross-Site Request Forgery CSRF in the Basic Settings screen on Vonage Grandstream HT802 devices allows attackers to modify settings, related to cgi-bin/update...
CVE-2017-16564
Stored Cross-site scripting XSS vulnerability in /cgi-bin/config2 on Vonage Grandstream HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field P148...
CVE-2017-16563
Cross-Site Request Forgery CSRF in the Basic Settings screen on Vonage Grandstream HT802 devices allows attackers to modify settings, related to cgi-bin/update...