Vulnerabilities > Actiontec

DATE CVE VULNERABILITY TITLE RISK
2024-06-19 CVE-2024-6142 Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-120
8.8
8.8
2024-06-19 CVE-2024-6143 Classic Buffer Overflow vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-120
8.8
8.8
2024-06-19 CVE-2024-6144 Out-of-bounds Write vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-787
8.8
8.8
2024-06-19 CVE-2024-6145 Use of Externally-Controlled Format String vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability.
low complexity
actiontec CWE-134
8.8
8.8
2024-06-19 CVE-2024-6146 Out-of-bounds Write vulnerability in Actiontec Wcb6200Q Firmware 1.2L.03.5
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability.
low complexity
actiontec CWE-787
8.8
8.8
2019-11-13 CVE-2013-3097 Cross-site Scripting vulnerability in Actiontec Mi424Wr-Gen3I Firmware
Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router.
network
actiontec CWE-79
4.3
4.3
2019-06-28 CVE-2018-15555 Improper Synchronization vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.
network
low complexity
actiontec CWE-662
critical
 10.0
10
2019-06-27 CVE-2018-15557 Improper Privilege Management vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices.
network
low complexity
actiontec CWE-269
critical
 10.0
10
2019-06-27 CVE-2018-15556 Improper Authentication vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.
network
low complexity
actiontec CWE-287
critical
 10.0
10
2019-06-17 CVE-2019-12789 Unspecified vulnerability in Actiontec T2200H Firmware T2200H31.1238L.08
An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus.
local
low complexity
actiontec
7.2
7.2