Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5628

Malware in sbrugna...

9.3CVSS8.2AI score0.03342EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-19744

Malware in sbrugna...

5.4CVSS5.6AI score0.00954EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53703

Malicious code in bioql PyPI...

6.5CVSS7.2AI score0.00551EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:5 a.m.7 views

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

6.5CVSS6.8AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:1 a.m.9 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS5.8AI score0.00954EPSS
Exploits3References1
OSV
OSV
added 2025/01/16 7:15 p.m.5 views

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

6.5CVSS5.8AI score0.00551EPSS
Exploits0References2
NVD
NVD
added 2025/01/16 7:15 p.m.23 views

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

6.5CVSS0.00551EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/16 12:0 a.m.7 views

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

6.8AI score0.00551EPSS
Exploits0References2
CVE
CVE
added 2025/01/16 12:0 a.m.56 views

CVE-2024-57677

CVE-2024-57677 describes an access-control flaw in the D-Link 816A2 DIR-816 firmware (form2Wan.cgi) that allows unauthenticated attackers to configure the device’s WAN service via a crafted POST request. Root cause per documents: improper access control on the form2Wan.cgi endpoint, enabling mani...

6.5CVSS6.9AI score0.00551EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/16 12:0 a.m.10 views

CVE-2024-57677

An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...

0.00551EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/30 12:0 a.m.3 views

PT-2025-3535 · D Link · D-Link 816

Name of the Vulnerable Software and Affected Versions: D-Link 816A2 FWv1.10CNB05 R1B011D88210 Description: An access control issue in the component form2Wan.cgi of D-Link devices allows unauthenticated attackers to configure the WAN service of the device via a crafted POST request to the...

10CVSS9.3AI score0.00551EPSS
Exploits0References8
NVD
NVD
added 2020/10/23 5:15 a.m.34 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS0.00954EPSS
Exploits3References1
OSV
OSV
added 2020/10/23 5:15 a.m.4 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS5.9AI score0.00954EPSS
Exploits3References1
Prion
Prion
added 2020/10/23 5:15 a.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

3.5CVSS5.3AI score0.00954EPSS
Exploits3References1Affected Software1
CVE
CVE
added 2020/10/23 4:27 a.m.77 views

CVE-2018-8062

CVE-2018-8062 affects the Comtrend AR-5387un router family (firmware A731-410JAZ-C04_R02.A2pD035g.d23i). The vulnerability is an XSS flaw in the WAN Service Description parameter during WAN service creation, enabling injection of arbitrary script/HTML. Public sources describe a persistent XSS var...

5.4CVSS5.3AI score0.00954EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2020/10/23 4:27 a.m.40 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.3AI score0.00954EPSS
Exploits3References1
Exploit DB
Exploit DB
added 2020/10/20 12:0 a.m.459 views

Comtrend AR-5387un router - Persistent XSS (Authenticated)

!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Persistent XSS on Comtrend AR-5387un router Date: 19/10/2020 Exploit Author: OscarAkaElvis Vendor Homepage: https://www.comtrend.com/ Version: Comtrend AR-5387un router Tested on: Software/Firmware version A731-410JAZ-C04R02.A2pD035g.d2...

5.4CVSS5.6AI score0.00954EPSS
Exploits3
Citrix
Citrix
added 2018/11/05 12:0 a.m.6 views

SD-WAN ERROR: Registry versions are not compatible so the Virtual WAN service cannot run. You must manually update the configuration

Unable to install a configuration package on a brand new branch appliance. Configuration package was created running version 9.3.3 Branch appliance is running version 9.1.1 from factory When installing the configuration package on the branch via LCM Local Change Management, the new configuration ...

6.9AI score
Exploits0
Rows per page
Query Builder