Vulnerabilities > Carrier > Lenels2 S2 LP 4502 Firmware

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-06-06 | CVE-2022-31479 | OS Command Injection vulnerability in multiple products | An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. | network | low | hidglobal, carrier | CWE-78 | critical 9.8 |
| 2022-06-06 | CVE-2022-31480 | Forced Browsing vulnerability in multiple products | An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS). | network | low | hidglobal, carrier | CWE-425 | 7.5 |
| 2022-06-06 | CVE-2022-31481 | Classic Buffer Overflow vulnerability in multiple products | An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. | network | low | hidglobal, carrier | CWE-120 | critical 10.0 |
| 2022-06-06 | CVE-2022-31482 | Classic Buffer Overflow vulnerability in multiple products | An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. | network | low | hidglobal, carrier | CWE-120 | 7.5 |
| 2022-06-06 | CVE-2022-31483 | Path Traversal vulnerability in multiple products | An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. | network | low | hidglobal, carrier | CWE-22 | 8.8 |
| 2022-06-06 | CVE-2022-31484 | Forced Browsing vulnerability in multiple products | An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. | network | low | hidglobal, carrier | CWE-425 | 7.5 |
| 2022-06-06 | CVE-2022-31485 | Forced Browsing vulnerability in multiple products | An unauthenticated attacker can send specially crafted packets to update the “notes” section of the home page of the web interface. | network | low | hidglobal, carrier | CWE-425 | 5.3 |
| 2022-06-06 | CVE-2022-31486 | OS Command Injection vulnerability in multiple products | An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. | network | low | hidglobal, carrier | CWE-78 | 8.8 |