Skip to main content

Iap 420 Firmware

8 CVEs product

Monthly

CVE-2024-55548 MEDIUM This Month

Improper check of password character lenght in ORing IAP-420 allows a forced deadlock.01e. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Iap 420 Firmware
NVD
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-55547 CRITICAL Act Now

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection.01e. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Iap 420 Firmware
NVD
CVSS 4.0
9.3
EPSS
16.9%
CVE-2024-55546 HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-55545 HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2024-55544 HIGH POC THREAT This Week

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.01e and below. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Iap 420 Firmware
NVD
CVSS 4.0
8.7
EPSS
11.7%
CVE-2024-5411 HIGH POC THREAT This Week

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.01e and below. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Iap 420 Firmware
NVD
CVSS 4.0
8.7
EPSS
23.4%
CVE-2024-5410 HIGH POC THREAT This Week

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
CVSS 4.0
8.3
EPSS
13.2%
CVE-2022-3203 CRITICAL POC Act Now

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Iap 420 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
EPSS 0% CVSS 6.9
MEDIUM This Month

Improper check of password character lenght in ORing IAP-420 allows a forced deadlock.01e. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Iap 420 Firmware
NVD
EPSS 17% CVSS 9.3
CRITICAL Act Now

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection.01e. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Iap 420 Firmware
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
EPSS 12% CVSS 8.7
HIGH POC THREAT This Week

Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.01e and below. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Iap 420 Firmware
NVD
EPSS 23% CVSS 8.7
HIGH POC THREAT This Week

Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.01e and below. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Iap 420 Firmware
NVD
EPSS 13% CVSS 8.3
HIGH POC THREAT This Week

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).01e and below. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Iap 420 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Iap 420 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy