cyberTAN Corp - Security Researcher - Exploit Intelligence Platform

CVE-2013-2679 EXPLOITDB MEDIUM WORKING POC

Cisco Linksys E4200 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.

CVSS 6.1

View Code

CVE-2013-2680 EXPLOITDB HIGH WORKING POC

Cisco Linksys E4200 <1.0.05 - Info Disclosure

Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information.

CVSS 7.5

View Code

CVE-2013-2681 EXPLOITDB CRITICAL WORKING POC

Cisco Linksys E4200 <1.0.05 Build 7 - Auth Bypass

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access.

CVSS 9.8

View Code

CVE-2013-2682 EXPLOITDB MEDIUM WORKING POC

Cisco Linksys E4200 <1.0.05 Build 7 - Info Disclosure

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

CVSS 4.3

View Code

CVE-2013-2683 EXPLOITDB MEDIUM WORKING POC

Cisco Linksys E4200 <1.0.05 - Info Disclosure

Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information.

CVSS 5.3

View Code

CVE-2013-2678 EXPLOITDB HIGH text WORKING POC

Cisco Linksys E4200 1.0.05 - Code Injection

Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.

CVSS 8.1

View Code

CVE-2013-2684 EXPLOITDB MEDIUM text WORKING POC

Cisco Linksys E4200 1.0.05 - XSS

Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 6.1

View Code