RSS   Podatności dla 'Ht802 firmware'   RSS

2017-11-06
 
CVE-2017-16565

CWE-352
 

 
Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.

 
 
CVE-2017-16564

CWE-79
 

 
Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field (P148).

 
 
CVE-2017-16563

CWE-352
 

 
Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update.

 

 >>> Vendor: Grandstream 29 Produkty
Budgetone
Budgetone 101
Budgetone 102
Gxp-2000
Budgetone 200
Sip phone
Ht488
Gxv3500
Gxv3501
Gxv3504
Gxv3601
Gxv3601hd/ll
Gxv3611hd/ll
Gxv3615w/p
Gxv3615wp hd
Gxv3651fhd
Gxv3662hd
Gxv device firmware
Gxv3611 hd firmware
WAVE
Ht802 firmware
Gxp1610 firmware
Gxp1615 firmware
Gxp1620 firmware
Gxp1625 firmware
Gxp1628 firmware
Gxp1630 firmware
Gac2500 firmware
Gxp2200 firmware


Copyright 2024, cxsecurity.com

 

Back to Top