Vulnerabilities > Contec > Fxa3020 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-26 | CVE-2022-36158 | Forced Browsing vulnerability in Contec products Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi). | 8.0 |
2022-09-26 | CVE-2022-36159 | Use of Hard-coded Credentials vulnerability in Contec products Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for root stored in the component /etc/shadow. | 8.8 |