Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wave vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-9057
Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgra...
Linear Wadwaz-1 3.43
Linear Wapirz-1 3.43
Silabs 100 Series Firmware
Silabs 200 Series Firmware
Silabs 300 Series Firmware
6.5
CVSSv3
CVE-2020-9059
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.
Silabs 500 Series Firmware
Schlage Be468 3.42
6.5
CVSSv3
CVE-2020-9061
Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed rout...
Aeotec Zw090-a 3.95
Samsung Sth-eth-200 6.04
Silabs Uzb-7 7.00
Zooz Zst10 6.04
Silabs 500 Series Firmware
Silabs 700 Series Firmware -
6.5
CVSSv3
CVE-2020-10137
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated malicious user to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blockin...
Silabs Uzb-7 7.00
Silabs 700 Series Firmware
5.9
CVSSv3
CVE-2021-35521
A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices prior to 2.6.2 allows remote authenticated malicious users to achieve denial of services and information disclosure via TCP/IP packets.
Idemia Morphowave Compact Mdpi Firmware
Idemia Morphowave Compact Mdpi-m Firmware
Idemia Visionpass Mdpi Firmware
Idemia Visionpass Mdpi-m Firmware
Idemia Visionpass Md Firmware -
Idemia Morphowave Compact Md Firmware -
6.2
CVSSv3
CVE-2021-35520
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices prior to 2.6.2 allows physically proximate authenticated malicious users to achieve code execution, denial of services, and information disclosure via serial ports.
Idemia Morphowave Compact Mdpi Firmware
Idemia Morphowave Compact Mdpi-m Firmware
Idemia Visionpass Mdpi Firmware
Idemia Visionpass Mdpi-m Firmware
9.8
CVSSv3
CVE-2021-35522
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices prior to 2.6.2, Sigma devices prior to 4.9.4, and MA VP MD devices prior to 4.9.7 allows remote malicious users to achieve code execution, denial of services, and information disclos...
Idemia Morphowave Compact Mdpi Firmware
Idemia Morphowave Compact Mdpi-m Firmware
Idemia Visionpass Mdpi Firmware
Idemia Visionpass Mdpi-m Firmware
Idemia Visionpass Md Firmware -
Idemia Morphowave Compact Md Firmware -
Idemia Sigma Lite Firmware -
Idemia Sigma Lite\\+ Firmware -
Idemia Sigma Wide Firmware -
Idemia Sigma Extreme Firmware -
Idemia Ma Vp Md Firmware -
7.2
CVSSv3
CVE-2021-1548
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote malicious user to perform command injection attacks against an affected device. These vulnerabilitie...
Cisco Wap125 Firmware
Cisco Wap131 Firmware
Cisco Wap150 Firmware
Cisco Wap351 Firmware
Cisco Wap361 Firmware
Cisco Wap581 Firmware
7.2
CVSSv3
CVE-2021-1547
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote malicious user to perform command injection attacks against an affected device. These vulnerabilitie...
Cisco Wap125 Firmware
Cisco Wap131 Firmware
Cisco Wap150 Firmware
Cisco Wap351 Firmware
Cisco Wap361 Firmware
Cisco Wap581 Firmware
7.2
CVSSv3
CVE-2021-1549
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote malicious user to perform command injection attacks against an affected device. These vulnerabilitie...
Cisco Wap125 Firmware
Cisco Wap131 Firmware
Cisco Wap150 Firmware
Cisco Wap351 Firmware
Cisco Wap361 Firmware
Cisco Wap581 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »