Vulnerabilities > Fastweb > Fastgate Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-02 | CVE-2019-18661 | Improper Authentication vulnerability in Fastweb Fastgate Firmware 1.0.1B Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by changing a certain check_pwd return value from 0 to 1. | 7.5 |
| 2019-02-21 | CVE-2018-20122 | OS Command Injection vulnerability in Fastweb Fastgate Firmware 0.00.47/1.0.1B The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. | 9.8 |
| 2018-05-11 | CVE-2018-6023 | Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Firmware 0.00.47 Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc. | 8.8 |