Vulnerabilities > Evenroute > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-21 CVE-2020-11968 Information Exposure Through Log Files vulnerability in Evenroute Iqrouter Firmware 3.3.1
In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control.
network
low complexity
evenroute CWE-532
7.5
7.5
2020-04-21 CVE-2020-11964 Improper Authentication vulnerability in Evenroute Iqrouter Firmware 3.3.1
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily.
network
low complexity
evenroute CWE-287
7.5
7.5