Vulnerabilities > Actiontec
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-13 | CVE-2013-3097 | Cross-site Scripting vulnerability in Actiontec Mi424Wr-Gen3I Firmware Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. | 4.3 |
2019-06-28 | CVE-2018-15555 | Improper Synchronization vulnerability in Actiontec Web6000Q Firmware 1.1.02.22 On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers. | 10.0 |
2019-06-27 | CVE-2018-15557 | Improper Privilege Management vulnerability in Actiontec Web6000Q Firmware 1.1.02.22 An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. | 10.0 |
2019-06-27 | CVE-2018-15556 | Improper Authentication vulnerability in Actiontec Web6000Q Firmware 1.1.02.22 The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers. | 10.0 |
2019-06-17 | CVE-2019-12789 | Unspecified vulnerability in Actiontec T2200H Firmware T2200H31.1238L.08 An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. | 7.2 |
2018-12-06 | CVE-2018-19922 | Cross-site Scripting vulnerability in Actiontec C1000A Firmware Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd' URL parameter in a /urlfilter.cmd POST request. | 4.3 |
2018-05-14 | CVE-2018-10252 | Session Fixation vulnerability in Actiontec Wcb6200Q Firmware An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. | 6.8 |
2015-08-23 | CVE-2015-2905 | Cross-Site Request Forgery (CSRF) vulnerability in Actiontec Ncs01 Firmware Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN modems with firmware before NCS01-1.0.13 allows remote attackers to hijack the authentication or intranet connectivity of arbitrary users. | 6.8 |
2015-08-23 | CVE-2015-2904 | Unspecified vulnerability in Actiontec Ncs01 Firmware Actiontec GT784WN modems with firmware before NCS01-1.0.13 have hardcoded credentials, which makes it easier for remote attackers to obtain root access by connecting to the web administration interface. low complexity actiontec | 8.3 |