|
271911
|
8.1 |
HIGH
Network
|
zyxel
|
nbg-418n_firmware
|
The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative pr…
|
CWE-255
Credentials Management
|
CVE-2015-7283
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271912
|
5.8 |
MEDIUM
Network
|
readynet_solutions
|
wrt300n-dd_firmware
wrt300n-dd
|
ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the de…
|
CWE-20
Improper Input Validation
|
CVE-2015-7282
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271913
|
8.8 |
HIGH
Network
|
readynet_solutions
|
wrt300n-dd_firmware
|
Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-7281
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271914
|
9.8 |
CRITICAL
Network
|
readynet_solutions
|
wrt300n-dd_firmware
|
The web administration interface on ReadyNet WRT300N-DD devices with firmware 1.0.26 has a default password of admin for the admin account, which allows remote attackers to obtain administrative priv…
|
CWE-255
Credentials Management
|
CVE-2015-7280
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271915
|
5.3 |
MEDIUM
Network
|
ampedwireless
|
r10000_firmware
|
Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses b…
|
NVD-CWE-Other
|
CVE-2015-7279
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271916
|
8.8 |
HIGH
Network
|
ampedwireless
|
r10000_firmware
|
Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-7278
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271917
|
9.8 |
CRITICAL
Network
|
ampedwireless
|
r10000_firmware
|
The web administration interface on Amped Wireless R10000 devices with firmware 2.5.2.11 has a default password of admin for the admin account, which allows remote attackers to obtain administrative …
|
CWE-255
Credentials Management
|
CVE-2015-7277
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271918
|
6.1 |
MEDIUM
Network
|
zte
|
zxhn_h108n_r1a_firmware
|
Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the error…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7252
|
2024-11-21 11:36 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271919
|
9.8 |
CRITICAL
Network
|
zte
|
zxhn_h108n_r1a_firmware
|
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
|
CWE-255
Credentials Management
|
CVE-2015-7251
|
2024-11-21 11:36 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271920
|
7.5 |
HIGH
Network
|
zte
|
zxhn_h108n_r1a_firmware
|
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getp…
|
CWE-22
Path Traversal
|
CVE-2015-7250
|
2024-11-21 11:36 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
