Zyxel: >> Gs1900-10hp Firmware >> 2.40 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users.
CVSS Score
8.8
EPSS Score
0.001
Published
2015-12-31
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and Login_Success values.
CVSS Score
9.8
EPSS Score
0.011
Published
2015-12-31
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.
CVSS Score
9.8
EPSS Score
0.005
Published
2015-12-31
Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.
CVSS Score
8.6
EPSS Score
0.005
Published
2015-12-31
Page 4