Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
home firmware vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2017-5254
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism.
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
NA
CVE-2022-28371
On Verizon 5G Home LVSKIHP InDoorUnit (IDU) 3.4.66.162 and OutDoorUnit (ODU) 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static certificate for access control. This certificate is embedded in the firmware, and is identical across the fleet of devices. An attacker...
Verizon Lvskihp Indoorunit Firmware 3.4.66.162
Verizon Lvskihp Outdoorunit Firmware 3.33.101.0
6.8
CVSSv2
CVE-2018-3892
An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulne...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
5
CVSSv2
CVE-2022-31485
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which cont...
Hidglobal Lp1501 Firmware
Hidglobal Lp1502 Firmware
Hidglobal Lp2500 Firmware
Hidglobal Lp4502 Firmware
Hidglobal Ep4502 Firmware
Carrier Lenels2 Lnl-4420 Firmware
Carrier Lenels2 Lnl-x2210 Firmware
Carrier Lenels2 Lnl-x2220 Firmware
Carrier Lenels2 Lnl-x3300 Firmware
Carrier Lenels2 Lnl-x4420 Firmware
Carrier Lenels2 S2-lp-1501 Firmware
Carrier Lenels2 S2-lp-1502 Firmware
Carrier Lenels2 S2-lp-2500 Firmware
Carrier Lenels2 S2-lp-4502 Firmware
4.6
CVSSv2
CVE-2018-3890
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerabi...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
10
CVSSv2
CVE-2014-9222
AllegroSoft RomPager 4.34 and previous versions, as used in Huawei Home Gateway products and other vendors and products, allows remote malicious users to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
Allegrosoft Rompager
4 Metasploit modules
1 Nmap script
3 Github repositories
2 Articles
6.5
CVSSv2
CVE-2018-15481
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x prior to 5.1.13 allows authenticated remote malicious users to escape the shell and escalate their privileges by adding a LocalCommand to the S...
Ucopia Wireless Appliance Firmware
5
CVSSv2
CVE-2018-3928
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulne...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
7.5
CVSSv2
CVE-2018-3934
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of p...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
5
CVSSv2
CVE-2019-11998
HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. This vulnerability could allow an Administrator to bypass security restrictions and access multiple remote vulnerabilities including information dis...
Hpe Superdome Flex Server Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »