Vulnerabilities > Fastweb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-19 | CVE-2022-30114 | Out-of-bounds Write vulnerability in Fastweb products A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS. | 7.5 |
| 2020-11-24 | CVE-2020-13620 | Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Gpon Fga2130Fwb Firmware 18.3.N.0482Fw233Fga2130/20200526 Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration. | 8.8 |
| 2019-11-26 | CVE-2019-12489 | OS Command Injection vulnerability in Fastweb Askey Rtv1907Vw Firmware 0.00.81 An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. | 9.8 |
| 2019-11-02 | CVE-2019-18661 | Improper Authentication vulnerability in Fastweb Fastgate Firmware 1.0.1B Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1. | 7.5 |
| 2019-02-21 | CVE-2018-20122 | OS Command Injection vulnerability in Fastweb Fastgate Firmware 0.00.47/1.0.1B The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. | 9.8 |
| 2018-05-11 | CVE-2018-6023 | Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Firmware 0.00.47 Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc. | 8.8 |