16 matches found
CVE-2015-6017
Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...
CVE-2015-6017
Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...
CVE-2015-6016
CVE-2015-6016 affects ZyXEL routers: P-660HW-T1 v2 with ZyNOS 3.40(AXH.0), PMG5318-B20A (firmware 1.00AANC0b5), and NBG-418N, where the admin account uses a default password of 1234 . This enables remoting attackers to obtain administrative access via unspecified vectors. The connected sources co...
ZyXEL P-660HW-T1 Cross-Site Scripting Vulnerability
Zyxel P-660HW-T1 is a wireless router product from ZyXEL Technology. A cross-site scripting vulnerability exists in the 'LoginPassword' and 'hiddenPassword' parameters in the /Forms/rpAuth1 page of the ZyXEL P-660HW-T1 v2 using ZyNOS version V3.40 AXH.0 firmware. ' parameters in the /Forms/rpAuth...
BF and XSS vulnerabilities in Zyxel P660RT2 EE
Hello 3APA3A! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...
Zyxel P660RT2 EE ADSL Router Brute Force / XSS
Hello list! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...
CVE-2007-4316
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...
Cross site scripting
Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...
CVE-2007-4319
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...
CVE-2007-4318
Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...
Cross site scripting
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General1 with the 1 sysSystemName and 2...
Default credentials
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...
CVE-2007-4319
The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...
CVE-2007-4318
CVE-2007-4318 is a cross-site scripting (XSS) vulnerability in the Zyxel Zywall 2 device running ZyNOS firmware 3.62(WK.6). The issue affects the management interface (Forms/General_1) where the sysSystemName parameter can be manipulated by remote authenticated administrators to inject arbitrary ...