Vulnerabilities > Carrier > Lenels2 S2 LP 4502 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-06 CVE-2022-31480 Forced Browsing vulnerability in multiple products
An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service (DoS).
network
low complexity
hidglobal carrier CWE-425
5.0
5.0
2022-06-06 CVE-2022-31484 Forced Browsing vulnerability in multiple products
An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface.
network
low complexity
hidglobal carrier CWE-425
5.0
5.0
2022-06-06 CVE-2022-31485 Forced Browsing vulnerability in multiple products
An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface.
network
low complexity
hidglobal carrier CWE-425
5.0
5.0