The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document.
Max CVSS
7.6
EPSS Score
0.55%
Published
2007-07-15
Updated
2018-10-15
The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admin password, which might allow remote attackers to gain privileges by conducting a CSRF attack, making a password change from an unattended workstation, or other attacks.
Max CVSS
7.5
EPSS Score
1.86%
Published
2007-07-15
Updated
2018-10-15
Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmware 3.1.20070615 allows remote attackers to perform privileged actions as administrators. NOTE: the vendor disputes the distribution of the vulnerable software, stating that it was a custom build for a former customer
Max CVSS
9.3
EPSS Score
2.25%
Published
2007-07-15
Updated
2024-03-21
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!