Skip to main content

P5E Gnss Firmware

6 CVEs product

Monthly

CVE-2022-30627 HIGH This Week

This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-30626 HIGH This Week

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2022-30625 MEDIUM This Month

Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2022-30624 HIGH This Week

Browsing the admin.html page allows the user to reset the admin password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-30623 CRITICAL Act Now

The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2022-30622 HIGH This Week

Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
CVSS 3.1
7.3
EPSS
0.2%
EPSS 0% CVSS 7.5
HIGH This Week

This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure P5E Gnss Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Browsing the admin.html page allows the user to reset the admin password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass P5E Gnss Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy