Skip to main content

Unibox U50 Firmware

2 CVEs product

Monthly

CVE-2020-21884 HIGH POC This Week

Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Unibox U50 Firmware Unibox U500 Firmware Unibox U1000 Firmware Unibox U2500 Firmware +1
NVD VulDB
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-21883 HIGH POC This Week

Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Unibox U50 Firmware Unibox U500 Firmware Unibox U1000 Firmware Unibox U2500 Firmware +1
NVD VulDB
CVSS 3.1
8.8
EPSS
5.9%
EPSS 1% CVSS 8.8
HIGH POC This Week

Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Unibox U50 Firmware Unibox U500 Firmware +3
NVD VulDB
EPSS 6% CVSS 8.8
HIGH POC This Week

Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Unibox U50 Firmware Unibox U500 Firmware +3
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy