Vulmon Recent Vulnerabilities Trends About Contact

firmware vulnerabilities and exploits

(subscribe to this query)

9.3
CVSSv2
CVE-2013-2645
Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to...
Tp-linkFirmware
5.1
CVSSv2
CVE-2003-1320
SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of...
SonicwallFirmware
2.1
CVSSv2
CVE-2008-1431
RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key....
Raidsonic TechnologyFirmware
5.6
CVSSv2
CVE-2015-4049
Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FIRMWARE 40.0 before 40.0IC4 Build 270 might allow remote authenticated users to cause a denial of service (data corruption or system crash) via vectors related to using program operators during EPSILON (level...
UnisysMcp-firmware
4.6
CVSSv2
CVE-2017-13684
Unisys Libra 64xx and 84xx and FS601 class systems with MCP-FIRMWARE before 43.211 allow remote authenticated users to cause a denial of service (program crash) or have unspecified other impact via vectors related to incorrect literal handling, which trigger CPM stack corruption....
UnisysMcp-firmware
4.3
CVSSv2
CVE-2014-8653
Cross-site scripting (XSS) vulnerability in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to inject arbitrary web script or HTML via the userData cookie....
Compal Broadband NetworksCg6640e Wireless GatewayCh664oe Wireless GatewayFirmware
9
CVSSv2
CVE-2017-11495
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action....
PhicommK2(psg1218)-firmware
5
CVSSv2
CVE-2017-15031
In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information....
ArmArm-trusted-firmware
6.8
CVSSv2
CVE-2014-8654
Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway hardware 1.0 with firmware CH6640-3.5.11.7-NOSH allow remote attackers to hijack the authentication of administrators for requests that (1) have...
Compal Broadband NetworksFirmwareCg6640e Wireless GatewayCh664oe Wireless Gateway
5
CVSSv2
CVE-2001-0888
Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests....
AtmelFirmwareLinksysWap11NetgearMe102
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-0708CVE-2020-13693CVE-2020-10959information disclosureCVE-2020-13659CVE-2020-13754quickboxCSRFmulti serverXML external entitydockerverizonCVE-2019-12027