CyberSecurityBoard
Sponsor Register Login

CVE-2018-9249

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location'login.html' JavaScript code in the response to an unauthenticated request.

Publication date: Wed, 04 Apr 2018 20:29:00 +0000


Cyber News related to CVE-2018-9249

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com
CVE-2024-9249 - Addressed potential issues where the application could be exposed to an Out-of-Bounds Read/Write vulnerability and crash when parsing certain PDF files or handling certain Annotation objects, which attackers could exploit to execute remote code. This ...
4 months ago Tenable.com
CVE-2018-9249 - FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location'login.html' JavaScript code in the response to an unauthenticated request. ...
6 years ago
CVE-2024-9248 - Addressed potential issues where the application could be exposed to an Out-of-Bounds Read/Write vulnerability and crash when parsing certain PDF files or handling certain Annotation objects, which attackers could exploit to execute remote code. This ...
4 months ago Tenable.com
CVE-2024-9247 - Addressed potential issues where the application could be exposed to an Out-of-Bounds Read/Write vulnerability and crash when parsing certain PDF files or handling certain Annotation objects, which attackers could exploit to execute remote code. This ...
4 months ago Tenable.com
CVE-2014-9249 - The default configuration of Zenoss Core before 5 allows remote attackers to read or modify database information by connecting to unspecified open ports, aka ZEN-15408. ...
8 years ago
CVE-2016-9249 - An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). ...
7 years ago
CVE-2015-9249 - An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webservice/services/VersionWebService via a soapenv:Body element. ...
7 years ago
CVE-2019-9249 - In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: ...
5 years ago
CVE-2017-9249 - Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be ...
4 years ago
CVE-2020-9249 - HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service vulnerability. A module does not deal with mal-crafted messages and it leads to memory leak. Attackers can exploit this vulnerability to make the ...
3 years ago
CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago
CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)