18 matches found
EUVD-2017-5628
Malware in sbrugna...
EUVD-2018-19744
Malware in sbrugna...
EUVD-2024-53703
Malicious code in bioql PyPI...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...
CVE-2018-8062
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...
CVE-2024-57677
CVE-2024-57677 describes an access-control flaw in the D-Link 816A2 DIR-816 firmware (form2Wan.cgi) that allows unauthenticated attackers to configure the device’s WAN service via a crafted POST request. Root cause per documents: improper access control on the form2Wan.cgi endpoint, enabling mani...
CVE-2024-57677
An access control issue in the component form2Wan.cgi of D-Link 816A2FWv1.10CNB05R1B011D88210 allows unauthenticated attackers to set the wan service of the device via a crafted POST request...
PT-2025-3535 · D Link · D-Link 816
Name of the Vulnerable Software and Affected Versions: D-Link 816A2 FWv1.10CNB05 R1B011D88210 Description: An access control issue in the component form2Wan.cgi of D-Link devices allows unauthenticated attackers to configure the WAN service of the device via a crafted POST request to the...
CVE-2018-8062
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
CVE-2018-8062
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
Cross site scripting
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
CVE-2018-8062
CVE-2018-8062 affects the Comtrend AR-5387un router family (firmware A731-410JAZ-C04_R02.A2pD035g.d23i). The vulnerability is an XSS flaw in the WAN Service Description parameter during WAN service creation, enabling injection of arbitrary script/HTML. Public sources describe a persistent XSS var...
CVE-2018-8062
A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...
Comtrend AR-5387un router - Persistent XSS (Authenticated)
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Persistent XSS on Comtrend AR-5387un router Date: 19/10/2020 Exploit Author: OscarAkaElvis Vendor Homepage: https://www.comtrend.com/ Version: Comtrend AR-5387un router Tested on: Software/Firmware version A731-410JAZ-C04R02.A2pD035g.d2...
SD-WAN ERROR: Registry versions are not compatible so the Virtual WAN service cannot run. You must manually update the configuration
Unable to install a configuration package on a brand new branch appliance. Configuration package was created running version 9.3.3 Branch appliance is running version 9.1.1 from factory When installing the configuration package on the branch via LCM Local Change Management, the new configuration ...