Security Vulnerabilities, CVEs, Published In January 2007 (Bypass)

CVE-2007-0435

T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.
Max CVSS
7.5
EPSS Score
6.93%
Published
2007-01-23
Updated
2018-10-16

CVE-2007-0418

BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods.
Max CVSS
7.5
EPSS Score
4.43%
Published
2007-01-23
Updated
2011-03-08

CVE-2007-0184

Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks.
Max CVSS
7.5
EPSS Score
1.59%
Published
2007-01-12
Updated
2017-07-29

CVE-2007-0057

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.
Max CVSS
10.0
EPSS Score
0.85%
Published
2007-01-04
Updated
2018-11-01
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close