TP-Link TL-WR841N / TL-WR841ND Brute Force / CSRF

Hello list! There are Brute Force and Cross-Site Request Forgery vulnerabilities in TP-Link TL-WR841N and TL-WR841ND. ------------------------- Affected products: ------------------------- Vulnerable are the next models: TP-Link TL-WR841N and TL-WR841ND, Firmware Version 3.16.9 Build 151216. All...

CSRF vulnerabilities in Callisto 821+R3 ADSL Router

Hello 3APA3A! After all my advisories about vulnerabilities in Callisto 821+ http://seclists.org/fulldisclosure/2011/Aug/1 and recent advisory about Callisto 821+R3, here is new one. Because vendor ignored in 2011 all my letters and subsequent my public disclosure of vulnerabilities and new devic...

IL and CSRF vulnerabilities in D-Link DAP-1360

Hello 3APA3A! There are Information Leakage and Cross-Site Request Forgery vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This model with other...

CSRF and XSS vulnerabilities in IFOBS

Hello 3APA3A! I want to warn you about Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in system IFOBS. IFOBS - it's Internet-banking system, which is widespread and particularly it's used by large number of Ukrainian banks. These are the next 35 vulnerabilities in IFOBS: 1 CS...