Vulnerabilities > Fatpipeinc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-27855 | Unspecified vulnerability in Fatpipeinc Ipvpn Firmware and Warp Firmware FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. | 8.8 |
| 2021-12-15 | CVE-2021-27856 | Unspecified vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. | 9.8 |
| 2021-12-15 | CVE-2021-27857 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. | 7.5 |
| 2021-12-15 | CVE-2021-27858 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote attacker to access at least the URL "/fpui/jsp/index.jsp" leading to unknown impact, presumably some violation of confidentiality. | 5.3 |
| 2021-12-15 | CVE-2021-27859 | Missing Authorization vulnerability in Fatpipeinc Ipvpn Firmware and Mpvpn Firmware A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to create an account with administrative privileges. | 8.8 |
| 2021-12-08 | CVE-2021-27860 | Unrestricted Upload of File with Dangerous Type vulnerability in Fatpipeinc Ipvpn Firmware and Warp Firmware A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. | 8.8 |