Vulnerabilities > Actiontec > Web6000Q Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-06-28 CVE-2018-15555 Improper Synchronization vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.
network
low complexity
actiontec CWE-662
critical
10.0
2019-06-27 CVE-2018-15557 Improper Privilege Management vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices.
network
low complexity
actiontec CWE-269
critical
10.0
2019-06-27 CVE-2018-15556 Improper Authentication vulnerability in Actiontec Web6000Q Firmware 1.1.02.22
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.
network
low complexity
actiontec CWE-287
critical
10.0