Skip to main content

N Tron 702M12 W Firmware

5 CVEs product

Monthly

CVE-2020-16210 CRITICAL POC Act Now

The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
CVSS 3.1
9.0
EPSS
3.2%
CVE-2020-16208 HIGH This Week

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-16206 CRITICAL POC Act Now

The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Information Disclosure N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
CVSS 3.1
9.0
EPSS
3.2%
CVE-2020-16204 CRITICAL POC Act Now

The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
CVSS 3.1
9.8
EPSS
5.5%
CVE-2017-16544 HIGH POC PATCH This Week

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Busybox Debian Linux ESXi +3
NVD
CVSS 3.1
8.8
EPSS
3.3%
EPSS 3% CVSS 9.0
CRITICAL POC Act Now

The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE N Tron 702 W Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
EPSS 3% CVSS 9.0
CRITICAL POC Act Now

The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Information Disclosure +2
NVD
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure N Tron 702 W Firmware N Tron 702M12 W Firmware
NVD
EPSS 3% CVSS 8.8
HIGH POC PATCH This Week

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Busybox +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy