Vulnerabilities > Evenroute > Iqrouter Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-21 | CVE-2020-11968 | Information Exposure Through Log Files vulnerability in Evenroute Iqrouter Firmware 3.3.1 In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control. | 7.5 |
| 2020-04-21 | CVE-2020-11964 | Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1 In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. | 7.5 |