Vulnerabilities > Philippine Long Distance Telephone
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-21 | CVE-2015-5993 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Philippine Long Distance Telephone Kasda Kw58293 Firmware and Speedsurf 504An Firmware Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service (device outage) via a long ipaddr parameter. | 7.8 |
| 2015-09-21 | CVE-2015-5992 | Cross-site Scripting vulnerability in Philippine Long Distance Telephone Kasda Kw58293 Firmware and Speedsurf 504An Firmware Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to inject arbitrary web script or HTML via the ssid parameter. | 4.3 |
| 2015-09-21 | CVE-2015-5991 | Cross-Site Request Forgery (CSRF) vulnerability in Philippine Long Distance Telephone Kasda Kw58293 Firmware and Speedsurf 504An Firmware Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to hijack the authentication of administrators for requests that perform setup operations, as demonstrated by modifying network settings. | 6.8 |