2 matches found
CVE-2016-6452
Cisco Prime Home includes a critical authentication bypass in its web GUI. A processing error in the URL RBAC handling allows an unauthenticated remote attacker to obtain a valid session and perform actions with administrator privileges. Affected versions are 5.1.1.6 and earlier and 5.2.2.2 and e...
CVE-2016-6408
Cisco Prime Home 5.2.0 is affected by CVE-2016-6408, an XML External Entity (XXE) vulnerability in the Web-Based User Interface that could allow an unauthenticated, remote attacker to read arbitrary files via a crafted XML payload. The issue is due to improper handling of external entities when p...