Vulnerabilities > Airties > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-6967 Cross-Site Request Forgery (CSRF) vulnerability in Airties AIR 5341 Firmware 1.0.0.12
AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.
network
airties CWE-352
6.8
2018-10-02 CVE-2018-17594 Cross-site Scripting vulnerability in Airties AIR 5443V2 Firmware 1.0.0.18
AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17593 Cross-site Scripting vulnerability in Airties AIR 5453 Firmware 1.0.0.18
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17591 Cross-site Scripting vulnerability in Airties AIR 5343V2 Firmware 1.0.0.18
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17590 Cross-site Scripting vulnerability in Airties AIR 5442 Firmware 1.0.0.18
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17589 Cross-site Scripting vulnerability in Airties AIR 5650 Firmware 1.0.0.18
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17588 Cross-site Scripting vulnerability in Airties AIR 5021 Firmware 1.0.0.18
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-10-02 CVE-2018-17587 Cross-site Scripting vulnerability in Airties AIR 5750 Firmware 1.0.0.18
AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
airties CWE-79
4.3
2018-07-05 CVE-2018-8738 Cross-site Scripting vulnerability in Airties 5444 Firmware and 5444Tt Firmware
Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.
network
airties CWE-79
4.3
2015-06-19 CVE-2015-4679 Cross-site Scripting vulnerability in Airties Rt-210 Firmware
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account parameter to ddns.stm.
network
airties CWE-79
4.3