Vulnerabilities > Digisol

DATE CVE VULNERABILITY TITLE RISK
2021-01-06 CVE-2020-35262 Cross-site Scripting vulnerability in Digisol Dg-Hr3400 Firmware
Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter.
network
digisol CWE-79
4.3
2019-07-05 CVE-2018-14027 Cross-site Scripting vulnerability in Digisol Dg-Hr-3300 Firmware
Digisol Wireless Wifi Home Router HR-3300 allows XSS via the userid or password parameter to the admin login page.
network
digisol CWE-79
4.3
2019-07-03 CVE-2018-12715 Cross-site Scripting vulnerability in Digisol Dg-Hr3400 Firmware
DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged.
network
digisol CWE-79
4.3
2018-06-24 CVE-2018-12706 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digisol Dg-Br4000Ng Firmware
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
network
low complexity
digisol CWE-119
7.5
2018-06-24 CVE-2018-12705 Cross-site Scripting vulnerability in Digisol Dg-Br4000Ng Firmware
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
network
digisol CWE-79
4.3
2017-03-14 CVE-2017-6896 Reliance on Cookies without Validation and Integrity Checking vulnerability in Digisol Dg-Hr1400 Router Firmware 1.00.02
Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an attacker to escalate from user privilege to admin privilege just by modifying the Base64-encoded session cookie value.
network
low complexity
digisol CWE-565
6.5
2017-02-21 CVE-2017-6127 Cross-Site Request Forgery (CSRF) vulnerability in Digisol Dg-Hr1400 Firmware 1.00.02
Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG-HR1400 Wireless Router with firmware 1.00.02 allow remote attackers to hijack the authentication of administrators for requests that (1) change the SSID, (2) change the Wi-Fi password, or (3) possibly have unspecified other impact via crafted requests to form2WlanBasicSetup.cgi.
network
digisol CWE-352
6.8