Skip to main content

Almond Firmware

5 CVEs product

Monthly

CVE-2015-7296 MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD
CVSS 2.0
4.3
EPSS
1.1%
CVE-2015-2917 MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2015-2916 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote attackers. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Almond 2015 Firmware Almond Firmware
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2915 HIGH PATCH This Week

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Authentication Bypass Almond Firmware Almond 2015 Firmware
NVD
CVSS 2.0
7.3
EPSS
0.3%
CVE-2015-2914 MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.8%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote attackers. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Almond 2015 Firmware Almond Firmware
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Authentication Bypass Almond Firmware Almond 2015 Firmware
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Almond Firmware Almond 2015 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy