Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.
b749b45a358358330f8fd5f3cec1a2eb0a30872b9d8f5cd95aaf47010c1890ef
Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.
8c1ec5a43ee4412962b923d2c0abe80de645b915f6144f18aa147efd40de3464
Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.
f865cfc6fcac1fa347c28f60b5047a71f7ccd1d751dcc60cb93b1f3ddbca5721
Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link.
037db083b292ddba6c882f5cb6d036f5ab65f22b3161e14d9ede682bd0105457
Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.
c2db5ec63dcee8bb5c083080884392540c1d051134888b5324d8f89c4c0cb50d
Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.
a8620cfd1ed239f5a681eebba7f54e300e332b8a58ce2704698bd1ea6a629401