soho software vulnerabilities

Searching soho software vulnerabilities

The web server for the SonicWALL SOHO firewall

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.

WatchGuard SOHO FireWall 2.2.1 and earlier allo

WatchGuard | FireWall | SOHO |

WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests.

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0

firewalls | SonicWALL | Tele2 | SOHO |

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

SonicWALL SOHO uses easily predictable TCP sequ

SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.

Watchguard SOHO firewall 5.0.35 unpredictably d

Watchguard | firewall | SOHO |

Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules.

The FTP service in Watchguard Soho Firewall 5.0

The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name.

WatchGuard SOHO products running firmware 5.1.6

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attckers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

Netgear RM-356 and RT-338 series SOHO routers a

Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.

The web interface for SOHO Routefinder 550 firm

Routefinder | interface | SOHO | web |

The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities.

Buffer overflow in Avirt Soho 4.3 allows remote

Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080.

Cross-site scripting (XSS) vulnerability in D-L

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.

Software vulnerabilities results 1 to 13 of 13

Page: 1

soho software vulnerabilities

vulnerabilities.aspcode.net

Searching soho software vulnerabilities