Latest Security News about router

Contact US For API Security>

Incorrect Control over DrayTek Vigor Router

Overview : On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product. On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product. Affected Product(s) […]

Contact US For API Security>

API Security Web Application Firewall

How can you secure your Exposed services without installing the patch by the vendor? Have a look at the use case below about recent security updates by router giant cisco. Recently 12 severe security vulnerabilities and Patches issued by Cisco. Among those three of them are critical authentication bypass issues. Now lets drill deep down, CVE-2019-15975, […]

Contact US For API Security>

Unauthenticated Remote Code Execution Vulnerability in D-Link DIR-859

Overview : D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php. Affected Product(s) : D-Link DIR-859 before v1.07b03_beta Vulnerability Details : CVE ID : CVE-2019-20213 In order for this security exploit to be done a malicious user would have to get access to the LAN-side or in-home […]