Search Results | AttackerKB

Attacker Value

Disclosure Date: October 16, 2019 (last updated November 27, 2024)

NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.

Attacker Value

Disclosure Date: October 16, 2019 (last updated November 27, 2024)

NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.

Attacker Value

Disclosure Date: October 16, 2019 (last updated November 27, 2024)

NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.

Quick Cookie Notification