Skip to main content

Vpncrypt M10 Firmware

2 CVEs product

Monthly

CVE-2020-12107 CRITICAL Act Now

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Vpncrypt M10 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2020-12106 CRITICAL Act Now

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vpncrypt M10 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
EPSS 2% CVSS 9.8
CRITICAL Act Now

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Vpncrypt M10 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vpncrypt M10 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy