routers software vulnerabilities
vulnerabilities.aspcode.net
Searching routers software vulnerabilities
Denial of service in Ascend and 3com routers, w
rebooted
|
sending
|
routers
|
service
|
option
|
Denial
|
Ascend
|
length
|
which
|
3com
|
zero
|
TCP
|
can
|
Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option.
Denial of service in Cisco routers running NAT
routers
|
running
|
command
|
service
|
client
|
Denial
|
Telnet
|
Cisco
|
PORT
|
FTP
|
NAT
|
via
|
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
Livingston Portmaster routers running ComOS use
Portmaster
|
Livingston
|
sequence
|
initial
|
routers
|
running
|
number
|
ComOS
|
same
|
use
|
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions.
Cisco routers 9.17 and earlier allow remote att
routers
|
Cisco
|
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
The on-line help system options in Cisco router
non-privileged
|
information
|
sensitive
|
"enabled"
|
without
|
routers
|
command
|
options
|
on-line
|
access
|
obtain
|
system
|
allows
|
Cisco
|
users
|
show
|
help
|
via
|
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
Cisco routers and switches running IOS 12.0 thr
switches
|
running
|
routers
|
Cisco
|
IOS
|
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
Cross-site scripting vulnerability in web admin
administration
|
vulnerability
|
Cross-site
|
arbitrary
|
attackers
|
interface
|
scripting
|
contains
|
another
|
execute
|
Routers
|
Gateway
|
NetGear
|
script
|
client
|
remote
|
allows
|
RT314
|
RT311
|
web
|
URL
|
via
|
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script.
Netgear RM-356 and RT-338 series SOHO routers a
attackers
|
routers
|
service
|
Netgear
|
remote
|
RM-356
|
denial
|
RT-338
|
series
|
cause
|
allow
|
SOHO
|
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.
Buffer overflow in Lucent Access Point 300, 600
overflow
|
Access
|
Lucent
|
Buffer
|
Point
|
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.
Cisco CSS 11000 routers on the CS800 chassis al
Cisco
|
CSS
|
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
Enterasys XSR-1800 series Security Routers, whe
Enterasys
|
Security
|
firmware
|
XSR-1800
|
running
|
Routers
|
series
|
Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set.
ZyXEL Prestige 623, 650, and 652 HW Routers, an
Prestige
|
ZyXEL
|
ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL.
The web management interface in Edimax AR-6004
administrator
|
management
|
attackers
|
interface
|
password
|
default
|
Routers
|
AR-6004
|
appear
|
allows
|
remote
|
Edimax
|
access
|
login
|
which
|
gain
|
text
|
uses
|
ADSL
|
also
|
name
|
web
|
The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access.
Belkin 54g wireless routers do not properly set
administrative
|
attackers
|
properly
|
password
|
wireless
|
routers
|
allows
|
Belkin
|
access
|
remote
|
which
|
gain
|
not
|
via
|
set
|
54g
|
Belkin 54g wireless routers do not properly set an administrative password, which allows remote attackers to gain access via the (1) Telnet or (2) weba dministration interfaces.
Belkin F5D7232-4 and F5D7230-4 wireless routers
F5D7230-4
|
F5D7232-4
|
firmware
|
wireless
|
routers
|
Belkin
|
Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management inferface without authentication.
Unspecified vulnerability in Juniper Networks J
vulnerability
|
demonstrated
|
Unspecified
|
E-series
|
Networks
|
vectors
|
related
|
unknown
|
"client
|
Juniper
|
routers
|
attack
|
PROTOS
|
before
|
JUNOSe
|
remote
|
impact
|
OUSPG
|
suite
|
7-1-1
|
code"
|
test
|
has
|
DNS
|
Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite.
The web-based management interface in 2Wire, In
OfficePortal
|
management
|
HomePortal
|
attackers
|
web-based
|
interface
|
service
|
routers
|
remote
|
denial
|
allows
|
Series
|
modems
|
2Wire
|
cause
|
Inc
|
The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and routers allows remote attackers to cause a denial of service (crash) via a CRLF sequence in a GET request.
T-Com Speedport 500V routers with firmware 1.31
Speedport
|
firmware
|
routers
|
T-Com
|
500V
|
T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.
2wire 1701HG and 2071 Gateway routers, with 5.2
1701HG
|
2wire
|
2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank password by default.
Software vulnerabilities results 1 to 20 of 44
Page:
1
2
3
►