3 matches found
CVE-2019-18661
Fastweb FASTGate 1.0.1b is affected by an authentication bypass where a check_pwd return value can be altered from 0 to 1, enabling an attacker to view all pages of the administration console without achieving full administrative control. Root cause involves partial bypass of authentication; no e...
CVE-2018-6023
Affected product: Fastweb FASTgate 0.00.47 router. Vulnerability: Cross-site request forgery (CSRF) that allows attackers to modify configuration, including changing the Wi‑Fi password and activating Guest Wi‑Fi. Root cause: CSRF in the device’s web interface enabling unauthorized authenticated a...
CVE-2018-20122
The CVE-2018-20122 entry concerns FASTGate Fastweb devices with firmware up to 0.00.47_FW_200_Askey (2017-05-17) and software up to 1.0.1b. The issue is a command injection vulnerability in a CGI binary exposed by the web interface, allowing remote code execution with root privileges. Notably, no...