Skip to main content

Wireless 1420 Gateway Firmware

6 CVEs product

Monthly

CVE-2021-42542 HIGH PATCH This Week

The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-42540 HIGH PATCH This Week

The affected product is vulnerable to a unsanitized extract folder for system configuration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-42539 HIGH PATCH This Week

The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-42538 HIGH PATCH This Week

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-42536 MEDIUM PATCH This Month

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-38485 HIGH PATCH This Week

The affected product is vulnerable to improper input validation in the restore file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware Wireless 1420 Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The affected product is vulnerable to a unsanitized extract folder for system configuration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The affected product is vulnerable to improper input validation in the restore file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Wireless 1410 Gateway Firmware Wireless 1410D Gateway Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy