Skip to main content

N6854A Firmware

3 CVEs product

Monthly

CVE-2023-1399 CRITICAL Act Now

N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization N6854A Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-1661 HIGH This Week

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal N6854A Firmware N6841A Rf Firmware
NVD
CVSS 3.1
7.5
EPSS
15.1%
CVE-2022-1660 CRITICAL Act Now

The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE N6854A Firmware N6841A Rf Firmware
NVD
CVSS 3.1
9.8
EPSS
16.0%
EPSS 1% CVSS 9.8
CRITICAL Act Now

N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which may allow a malicious actor to escalate privileges in the affected device’s default configuration and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization N6854A Firmware
NVD
EPSS 15% CVSS 7.5
HIGH This Week

The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal N6854A Firmware N6841A Rf Firmware
NVD
EPSS 16% CVSS 9.8
CRITICAL Act Now

The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE N6854A Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy