Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/10/2012 Updated: 29/08/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in webconfig/admin_passwd/passwd.html/admin_passwd in Xavi X7968 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via the sysUserName, sysPassword, and sysCfmPwd parameters.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xavi x7968 -

source: wwwsecurityfocuscom/bid/52098/info Xavi 7968 ADSL Router is prone to cross-site scripting, HTML-injection and cross-site request forgery vulnerabilities The attacker can exploit the issues to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authenticatio ...

CWE-352 http://packetstormsecurity.org/files/109987/Xavi-7968-ADSL-Router-Cross-Site-Request-Forgery-Cross-Site-Scripting.html http://secunia.com/advisories/48050 http://www.securityfocus.com/bid/52098 https://exchange.xforce.ibmcloud.com/vulnerabilities/73354 https://nvd.nist.gov https://www.exploit-db.com/exploits/36864/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5323

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect