Skip to main content

Warp Firmware

6 CVEs product

Monthly

CVE-2021-27859 HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Authentication Bypass Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-27858 MEDIUM POC This Month

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
5.3
EPSS
2.7%
CVE-2021-27857 HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2021-27856 CRITICAL POC Act Now

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ipvpn Firmware Mpvpn Firmware Warp Firmware
NVD
CVSS 3.1
9.8
EPSS
5.6%
CVE-2021-27855 HIGH This Week

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Warp Firmware Mpvpn Firmware
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-27860 HIGH POC KEV THREAT This Week

A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ipvpn Firmware Warp Firmware Mpvpn Firmware
NVD
CVSS 3.1
8.8
EPSS
39.8%
EPSS 2% CVSS 8.8
HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Authentication Bypass Ipvpn Firmware +2
NVD
EPSS 3% CVSS 5.3
MEDIUM POC This Month

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Mpvpn Firmware +1
NVD
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ipvpn Firmware Mpvpn Firmware +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ipvpn Firmware Warp Firmware +1
NVD
EPSS 40% CVSS 8.8
HIGH POC KEV THREAT This Week

A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ipvpn Firmware Warp Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy