Vulnerabilities > Carrier > Lenels2 S2 LP 2500 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-06-06 CVE-2022-31481 Classic Buffer Overflow vulnerability in multiple products
An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer.
network
low complexity
hidglobal carrier CWE-120
critical
10.0
2022-06-06 CVE-2022-31479 OS Command Injection vulnerability in multiple products
An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process.
network
low complexity
hidglobal carrier CWE-78
critical
9.8