Almond Firmware@al-r096 Security Vulnerabilities and Issues — Almond Firmware@al-r096 CVE List

Lucene search

SecurifiAlmond Firmwareal-r096

10 matches found

CVE•added 2019/06/18 9:15 p.m.•91 views

CVE-2017-8334

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery protection mec...

8CVSS7.5AI score0.00256EPSS

CVE•added 2019/06/18 9:15 p.m.•81 views

CVE-2017-8330

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in c...

6.5CVSS6.5AI score0.00742EPSS

CVE•added 2019/06/18 9:15 p.m.•78 views

CVE-2017-8337

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allows an attack...

8.8CVSS8.8AI score0.02333EPSS

CVE•added 2019/06/18 9:15 p.m.•72 views

CVE-2017-8332

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management interface. I...

8.8CVSS8.1AI score0.00604EPSS

CVE•added 2019/06/18 9:15 p.m.•70 views

CVE-2017-8328

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request forgery pro...

9.3CVSS8.7AI score0.00253EPSS

CVE•added 2019/06/18 8:15 p.m.•61 views

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in...

8.8CVSS9AI score0.03697EPSS

CVE•added 2019/06/18 8:15 p.m.•61 views

CVE-2017-8333

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way tha...

9CVSS9AI score0.04336EPSS

CVE•added 2019/06/18 7:15 p.m.•58 views

CVE-2017-8336

8.8CVSS8.7AI score0.02061EPSS

CVE•added 2019/06/18 7:15 p.m.•55 views

CVE-2017-8335

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters passed in thi...

8CVSS7.7AI score0.00515EPSS

CVE•added 2019/06/18 8:15 p.m.•52 views

CVE-2017-8329

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting a name for the wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters passed ...

6.4CVSS6.3AI score0.00627EPSS