RSS   Vulnerabilities for 'Zxdsl 831cii'   RSS

2014-11-20
 
CVE-2014-9027

 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the (1) enblftp, (2) enblhttp, (3) enblsnmp, (4) enbltelnet, (5) enbltftp, (6) enblicmp, or (7) enblssh parameter to accesslocal.cmd.

 
 
CVE-2014-9020

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected products and codebases.

 

 >>> Vendor: Zteusa 7 Products
Zxhn h108l firmware
Zxdsl 831
Zxdsl 831cii
Zte blade spark firmware
Zte blade vantage firmware
Zte zmax champ firmware
Zte zmax pro firmware


Copyright 2024, cxsecurity.com

 

Back to Top