Lucene search
K

16 matches found

NVD
NVD
added 2015/12/31 5:59 a.m.19 views

CVE-2015-6017

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

6.1CVSS6.2AI score0.02139EPSS
Exploits0References3
Prion
Prion
added 2015/12/31 5:59 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

4.3CVSS6.2AI score0.02139EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/12/31 2:0 a.m.22 views

CVE-2015-6017

Multiple cross-site scripting XSS vulnerabilities in Forms/rpAuth1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40AXH.0 allow remote attackers to inject arbitrary web script or HTML via the 1 LoginPassword or 2 hiddenPassword parameter...

6.4AI score0.02139EPSS
Exploits0References3
CVE
CVE
added 2015/12/31 2:0 a.m.55 views

CVE-2015-6016

CVE-2015-6016 affects ZyXEL routers: P-660HW-T1 v2 with ZyNOS 3.40(AXH.0), PMG5318-B20A (firmware 1.00AANC0b5), and NBG-418N, where the admin account uses a default password of 1234 . This enables remoting attackers to obtain administrative access via unspecified vectors. The connected sources co...

10CVSS9.4AI score0.05731EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2015/10/23 12:0 a.m.3 views

ZyXEL P-660HW-T1 Cross-Site Scripting Vulnerability

Zyxel P-660HW-T1 is a wireless router product from ZyXEL Technology. A cross-site scripting vulnerability exists in the 'LoginPassword' and 'hiddenPassword' parameters in the /Forms/rpAuth1 page of the ZyXEL P-660HW-T1 v2 using ZyNOS version V3.40 AXH.0 firmware. ' parameters in the /Forms/rpAuth...

6.1CVSS6.2AI score0.02139EPSS
Exploits0References1
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.45 views

BF and XSS vulnerabilities in Zyxel P660RT2 EE

Hello 3APA3A! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2014/06/22 12:0 a.m.31 views

Zyxel P660RT2 EE ADSL Router Brute Force / XSS

Hello list! These are Brute Force and Cross-Site Scripting vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with other firmware...

7.4AI score
Exploits0
NVD
NVD
added 2007/08/13 9:17 p.m.23 views

CVE-2007-4316

The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...

4.3CVSS6.7AI score0.01216EPSS
Exploits0References6
Prion
Prion
added 2007/08/13 9:17 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...

4.3CVSS5.8AI score0.02307EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2007/08/13 9:17 p.m.18 views

CVE-2007-4319

The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...

4CVSS6.3AI score0.01361EPSS
Exploits1References6
NVD
NVD
added 2007/08/13 9:17 p.m.20 views

CVE-2007-4318

Cross-site scripting XSS vulnerability in Forms/General1 in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter...

4.3CVSS5.4AI score0.02307EPSS
Exploits1References7
Prion
Prion
added 2007/08/13 9:17 p.m.20 views

Cross site scripting

The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...

4CVSS6.9AI score0.01361EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2007/08/13 9:17 p.m.15 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General1 with the 1 sysSystemName and 2...

4.3CVSS7.7AI score0.01332EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2007/08/13 9:17 p.m.17 views

Default credentials

The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions...

4.3CVSS7.3AI score0.01216EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/08/13 9:0 p.m.24 views

CVE-2007-4319

The management interface in ZyNOS firmware 3.62WK.6 on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service infinite reboot loop via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF;...

6.3AI score0.01361EPSS
Exploits1References6
CVE
CVE
added 2007/08/13 9:0 p.m.59 views

CVE-2007-4318

CVE-2007-4318 is a cross-site scripting (XSS) vulnerability in the Zyxel Zywall 2 device running ZyNOS firmware 3.62(WK.6). The issue affects the management interface (Forms/General_1) where the sysSystemName parameter can be manipulated by remote authenticated administrators to inject arbitrary ...

4.3CVSS5.4AI score0.02307EPSS
Exploits1References7Affected Software2
Rows per page
Query Builder