NETGEAR JNR1010 devices before 1.0.0.32 hacks

Overview :

NETGEAR JNR1010 devices flaws

Affected Product(s) :

Netgear Router JNR1010 Version 1.0.0.24

Vulnerability Details :

CVE ID :	CVE-2016-11014
	This flaw may allow a successful attacker to do anything gaining the privilege of the router being in LAN/WAN.
CVE ID :	CVE-2016-11015
	Using this flaw, an attacker can cause victims to change any data the victim is allowed to change or perform any function the victim is authorized to use.
CVE ID :	CVE-2016-11016
	Created a forged request changing the value of any variable, here it is :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL variable in the URL http://router-ip/cgi-bin/webproc and sent it to victim forcing him/her to click on the malicious link

Solution :
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Contact us to get started

CVE-2024-48889 : FORTINET FORTIMANAGER UP TO 6.4.14/7.0.12/7.2.7/7.4.4/7.6.0 FGFM REQUEST OS COMMAND INJECTION

Description An Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78] in FortiManager version

Learn more

CVE-2023-34990 : FORTINET FORTIWLM UP TO 8.5.4/8.6.5 WEB REQUEST PATH TRAVERSAL

Description A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute

Learn more

CVE-2024-47104 : IBM I 7.4/7.5 PHYSICAL FILE SECURITY ATTRIBUTES PERMISSION ASSIGNMENT

Description IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A

Learn more