EUVD-2004-1678

Malware in sbrugna...

EUVD-2007-1580

Malware in sbrugna...

ZynOS rom-0 Flaw Scanner

!/usr/bin/perl ZynOS rom-0 Flaw Scanner Copyright 2021 c Todor Donev https://donev.eu/ $ perl zynosscanner ZynOS rom-0 Flaw Scanner zynosscanner --targets= --threads=10 --redirects=7 --help --targets | Specify the list with addresses that you want to scan. --dump | Dump rom-0 file for each target...

CVE-2015-6017

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

CVE-2015-6016

ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0, PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

CVE-2015-6017

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

CVE-2015-6016

CVE-2015-6016 affects ZyXEL routers: P-660HW-T1 v2 with ZyNOS 3.40(AXH.0), PMG5318-B20A (firmware 1.00AANC0b5), and NBG-418N, where the admin account uses a default password of 1234 . This enables remoting attackers to obtain administrative access via unspecified vectors. The connected sources co...

CVE-2015-6017

CVE-2015-6017 refers to multiple cross-site scripting (XSS) vulnerabilities in the ZyXEL P-660HW-T1 v2 router running ZyNOS firmware 3.40(AXH.0). The issue resides in the web form at /Forms/rpAuth_1, where an attacker can craft requests that inject arbitrary script or HTML via the LoginPassword o...

ZyXEL P-660HW-T1 Cross-Site Scripting Vulnerability

Zyxel P-660HW-T1 is a wireless router product from ZyXEL Technology. A cross-site scripting vulnerability exists in the 'LoginPassword' and 'hiddenPassword' parameters in the /Forms/rpAuth1 page of the ZyXEL P-660HW-T1 v2 using ZyNOS version V3.40 AXH.0 firmware. ' parameters in the /Forms/rpAuth...

DNS Hijack Flaw Found in D-Link Router

D-Link’s popular DSL2740R wireless router is vulnerable to domain name system DNS hijacking exploits that requiring no authentication to access its administrative interface. According to Todor Donev of the Bulgarian security firm Ethical Hacker, a number of other D-Link routers are affected by th...

Friends news router discovery DNS hijacking vulnerability-vulnerability warning-the black bar safety net

Security researchers have found that the Friends of the hearing at least one model of the router is found that the presence of DNS hijacking vulnerability that can be remotely change the DNS settings, hijack the traffic. Ethical hackerEthical Hackerresearch group of Todor Donev said, the...

Immunity Canvas: CVE_2014_9222

Name| CVE20149222 ---|--- CVE| CVE-2014-9222 Exploit Pack| CANVAS Description| CVE-2014-9222 Misfortune Cookie Notes| CVE Name: CVE-2014-9222 VENDOR: Alegro Notes: This module exploits the arbitrary memory overwrite vulnerability in RomPager embedded web-server, which was originally introduced by...

BF and XSS vulnerabilities in Zyxel P660RT2 EE

Hello 3APA3A! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...

XSS and CSRF vulnerabilities in Zyxel P660RT2 EE

Hello 3APA3A! These are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with...

Zyxel Prestige 642R Router Malformed IP Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5292/info ZyXEL 642R and Prestige 310 routers have difficulties handling IP packets that are malformed. Reportedly, when ZyXEL routers receive a single specially malformed packet, they stop responding for exactly 30...

Zyxel Router 3.40 Zynos SMB Data Handling Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23061/info Zyxel Routers running the ZynOS operating system are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected device, denying further network service to...

Zyxel P660RT2 EE ADSL Router Brute Force / XSS

Hello list! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...

DNS SOHO Router Pharming Attack Takes 300,000 Routers

More than 300,000 small office and home office routers, most in Europe and Asia, were compromised in a campaign that started in mid-December, continuing a rash of security incidents involving home and small business networking equipment. Researchers at Team Cymru published a report today on the...

[ZynOS-Attacker] (TP-LINK TD-W8951ND Router) Tool for automated attack on a range of IP

With these scripts you can attack ZynOS routers and modify/extract anything you want on the target router from extracting ISP username and password to injecting rogue DNS servers IPs. Download ZynOS-Attacker...