CPE-DDA842EE-0CAC-4816-A5A2-3608813A079C Detail

CPE Details

Allegrosoft RomPager 4.01

Vendor

allegrosoft

Product

rompager

Version

4.01

Created

2024-01-23
16h59 +00:00

Modified

2024-01-23
16h59 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:allegrosoft:rompager:4.01:::::::*

Informations

Vendor

allegrosoft

Product

rompager

Version

4.01

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-0522	2024-01-14 23h00 +00:00	A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is possible to launch the attack remotely. Upgrading to version 4.30 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-250692. NOTE: The vendor explains that this is a very old issue that got fixed 20 years ago but without a public disclosure.	8.8	High
CVE-2014-9222	2014-12-24 17h00 +00:00	AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.	10
CVE-2014-9223	2014-12-24 17h00 +00:00	Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and other vendors and products, allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors related to authorization.	10
CVE-2013-6786	2014-01-16 18h00 +00:00	Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page. NOTE: there is no CVE for a "URL redirection" issue that some sources list separately.	4.3

Allegrosoft RomPager 4.01

CPE Details

CPE Name: cpe:2.3:a:allegrosoft:rompager:4.01:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:allegrosoft:rompager:4.01:::::::*