Lucene search
MitreCVELIST:CVE-2017-8835HistoryJun 05, 2017 - 2:00 p.m.
CVE-2017-8835
2017-06-0514:00:00
mitre
www.cve.org
5
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a session ID can be retrieved from the sessions database.
Related
cve
cve
CVE-2017-8835
2017-06-05 14:29:00
nvd
nvd
CVE-2017-8835
2017-06-05 14:29:00
packetstorm
packetstorm
Peplink Balance Routers SQL Injection
2024-08-31 00:00:00
Peplink 7.0.0-build1904 XSS / CSRF / SQL Injection / File Deletion
2017-06-05 00:00:00
prion
prion
Sql injection
2017-06-05 14:29:00
metasploit
metasploit
Peplink Balance routers SQLi
2020-08-27 14:28:39
openvas
openvas
Peplink Balance Routers Multiple Vulnerabilities
2017-06-06 00:00:00
zdt
zdt
Peplink Balance Routers 7.0.0-build1904 - Multiple Vulnerabilities
2017-06-06 00:00:00
seebug
seebug
Multiple Vulnerabilities in peplink balance routers
2017-06-06 00:00:00
exploitpack
exploitpack
exploitdb
exploitdb