Vulnerabilities for Open xdmod (...) - CXSECURITY.COM

Vulnerabilities for 'Open xdmod'

2019-05-02

CVE-2018-16988

CWE-640

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.

CVE-2018-16961

CWE-22

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.

CVE-2018-16960

CWE-79

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/login.php has Reflected XSS via the xd_user_formal_name parameter.

>>> Vendor: Buffalo 43 Products

Wzr-600dhp2 firmware

Wzr-600dhp3 firmware

Wzr-900dhp2 firmware

Wzr-900dhp firmware

Wzr-s600dhp firmware

Wzr-s900dhp firmware

Bhr-4grv firmware

Dwr-hp-g300nh firmware

Fs-600dhp firmware

Hw-450hp-zwe firmware

Wapm-ag300n firmware

Wapm-apg300n firmware

Wcr-300 firmware

Whr-300 firmware

Whr-300hp firmware

Whr-hp-g300n firmware

Wpl-05g300 firmware

Wxr-1750dhp firmware

Wxr-1900dhp firmware

Wzr-1166dhp2 firmware

Wzr-1166dhp firmware

Wzr-1750dhp2 firmware

Wzr-1750dhp firmware

Wzr-300hp firmware

Wzr-450hp-cwt firmware

Wzr-450hp-ub firmware

Wzr-450hp firmware

Wzr-600dhp firmware

Wzr-d1100h firmware

Wzr-hp-ag300h firmware

Wzr-hp-g300nh firmware

Wzr-hp-g301nh firmware

Wzr-hp-g302h firmware

Wzr-hp-g450h firmware

Wzr-s1750dhp firmware

Wapm-1166d firmware

Wapm-apg600h firmware

Wmr-433 firmware

Wmr-433w firmware

Wcr-1166ds firmware

Wxr-1900dhp2 firmware

Ts5600d1206 firmware

Copyright 2024, cxsecurity.com