Skip to main content

Rdkb Ccsppandm

4 CVEs product

Monthly

CVE-2019-6964 HIGH This Week

A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Rdkb Ccsppandm
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2019-6963 HIGH This Week

A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Rdkb Ccsppandm
NVD
CVSS 3.0
8.8
EPSS
2.4%
CVE-2019-6962 HIGH This Week

A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Rdkb Ccsppandm
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2019-6961 MEDIUM This Month

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PHP Rdkb Ccsppandm
NVD
CVSS 3.0
6.5
EPSS
0.9%
EPSS 2% CVSS 8.8
HIGH This Week

A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Rdkb Ccsppandm
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PHP Rdkb Ccsppandm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy