Search criteria
4 vulnerabilities found for sbg3300-n_firmware by zyxel
CVE-2014-7278 (GCVE-0-2014-7278)
Vulnerability from nvd – Published: 2014-10-04 10:00 – Updated: 2024-08-06 12:47
VLAI?
Summary
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:31.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified \"welcome message\" form data that is improperly handled during use for the loginMsg variable\u0027s value, a different vulnerability than CVE-2014-7277."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified \"welcome message\" form data that is improperly handled during use for the loginMsg variable\u0027s value, a different vulnerability than CVE-2014-7277."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7278",
"datePublished": "2014-10-04T10:00:00.000Z",
"dateReserved": "2014-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:31.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7277 (GCVE-0-2014-7277)
Vulnerability from nvd – Published: 2014-10-04 10:00 – Updated: 2024-08-06 12:47
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:31.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70232"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified \"welcome message\" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70232"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified \"welcome message\" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70232"
},
{
"name": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7277",
"datePublished": "2014-10-04T10:00:00.000Z",
"dateReserved": "2014-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:31.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7277 (GCVE-0-2014-7277)
Vulnerability from cvelistv5 – Published: 2014-10-04 10:00 – Updated: 2024-08-06 12:47
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:31.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70232"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified \"welcome message\" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70232"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified \"welcome message\" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0024.html"
},
{
"name": "20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/19"
},
{
"name": "70232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70232"
},
{
"name": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128551/ZyXEL-SBG-3300-Security-Gateway-Cross-Site-Scripting.html"
},
{
"name": "zyxelsbg3300-cve20147277-xss(96891)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7277",
"datePublished": "2014-10-04T10:00:00.000Z",
"dateReserved": "2014-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:31.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7278 (GCVE-0-2014-7278)
Vulnerability from cvelistv5 – Published: 2014-10-04 10:00 – Updated: 2024-08-06 12:47
VLAI?
Summary
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:47:31.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified \"welcome message\" form data that is improperly handled during use for the loginMsg variable\u0027s value, a different vulnerability than CVE-2014-7277."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified \"welcome message\" form data that is improperly handled during use for the loginMsg variable\u0027s value, a different vulnerability than CVE-2014-7277."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128550/ZyXEL-SBG-3300-Security-Gateway-Denial-Of-Service.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0025.html"
},
{
"name": "20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/20"
},
{
"name": "zyxelsbg3300-cve20147278-dos(96892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96892"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7278",
"datePublished": "2014-10-04T10:00:00.000Z",
"dateReserved": "2014-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:47:31.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}