Vulmon Recent Vulnerabilities Trends About Contact

firmware vulnerabilities and exploits

(subscribe to this query)

5.1
CVSSv2
CVE-2017-9607
The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image,...
ArmArm-trusted-firmware
10
CVSSv2
CVE-2014-8656
The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to...
Compal Broadband NetworksFirmwareCg6640e Wireless GatewayCh664oe Wireless Gateway
5
CVSSv2
CVE-2014-8655
The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to bypass authentication and obtain sensitive information via an (a) admin or a (b) root value in the userData cookie in a request to (1)...
Compal Broadband NetworksFirmwareCg6640e Wireless GatewayCh664oe Wireless Gateway
5
CVSSv2
CVE-2014-8657
The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to cause a denial of service (disconnect all wifi clients) via a request to wirelessChannelStatus.html....
Compal Broadband NetworksFirmwareCg6640e Wireless GatewayCh664oe Wireless Gateway
9
CVSSv2
CVE-2017-8333
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
6.5
CVSSv2
CVE-2017-8331
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
6.8
CVSSv2
CVE-2017-8337
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
6
CVSSv2
CVE-2017-8334
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
3.3
CVSSv2
CVE-2017-8330
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
6
CVSSv2
CVE-2017-8335
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST...
SecurifiAlmond+firmwareAlmond 2015 FirmwareAlmond Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-0708CVE-2020-13693CVE-2020-10959information disclosureCVE-2020-13659CVE-2020-13754quickboxCSRFmulti serverXML external entitydockerverizonCVE-2019-12027