Vulnerabilities > Compal
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-09 | CVE-2019-19494 | Classic Buffer Overflow vulnerability in multiple products Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. | 9.3 |
| 2019-10-28 | CVE-2019-17224 | Path Traversal vulnerability in Compal Ch7465Lg Firmware Ch7465Lgncip6.12.18.252P6Nosh The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. | 5.0 |
| 2019-10-11 | CVE-2019-17499 | OS Command Injection vulnerability in Compal Ch7465Lg Firmware 6.12.18.252P4 The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter. | 9.0 |
| 2019-10-02 | CVE-2019-13025 | Incorrect Resource Transfer Between Spheres vulnerability in Compal Ch7465Lg Firmware Ch7465Lgncip6.12.18.245P8Nosh Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. | 7.5 |