: < S3.0.501
Severity: Low to medium
Vendor notified: Yes
Reported:
Public release:
Author: Lyon Yang
Summary:
1. Insecure Direct Object Reference (CVE-2014-8356)
---
The administrative web application does not enforce authorization on the
ser
: < S3.0.501
Severity: High
Vendor notified: Yes
Reported:
Public release:
Author: Lyon Yang
Summary:
ZHONE RGW is vulnerable to stack-based buffer overflow attacks due to the
use of unsafe string functions without sufficient input validation in the
httpd binary. Two exploitable conditi
