Search
Search Results (8 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-12812 | 1 Radware | 1 Cyber Controller | 2026-06-23 | 3.5 Low |
| A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2009-2301 | 1 Radware | 2 Appwall, Gateway | 2026-04-23 | N/A |
| The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with Gateway 4.6.0.2, allows remote attackers to read source code via a direct request to (1) funcs.inc, (2) defines.inc, or (3) msg.inc in Management/. | ||||
| CVE-2026-5754 | 1 Radware | 1 Alteon | 2026-04-21 | 6.1 Medium |
| Reflected Cross-Site Scripting (XSS) Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities. | ||||
| CVE-2025-57444 | 1 Radware | 1 Alteonos | 2026-04-15 | 6.1 Medium |
| An authenticated cross-site scripting (XSS) vulnerability in the Administrative interface of Radware AlteonOS Web UI Management v33.0.4.50 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Description parameter. | ||||
| CVE-2024-56523 | 1 Radware | 1 Cloud Waf | 2025-07-01 | 9.1 Critical |
| Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing random data in the HTTP request body when using the HTTP GET method. | ||||
| CVE-2024-56524 | 1 Radware | 1 Cloud Waf | 2025-07-01 | 9.1 Critical |
| Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by adding a special character to the request. | ||||
| CVE-2016-10212 | 1 Radware | 1 Alteon | 2025-04-20 | N/A |
| Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270. NOTE: this issue may be due to the use of a third-party Cavium product. | ||||
| CVE-2017-17427 | 1 Radware | 2 Alteon, Alteon Firmware | 2025-04-20 | N/A |
| Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations. | ||||
Page 1 of 1.