Vulnerabilities > Genexis > Platinum 4410 Firmware > p4410.v2.1.28

DATE CVE VULNERABILITY TITLE RISK
2021-11-10 CVE-2020-28137 Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router.
network
low complexity
genexis CWE-352
6.5
6.5
2021-04-13 CVE-2021-29003 OS Command Injection vulnerability in Genexis Platinum 4410 Firmware P4410V21.28
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code via shell metacharacters to sys_config_valid.xgi, as demonstrated by the sys_config_valid.xgi?exeshell=%60telnetd%20%26%60 URI.
network
low complexity
genexis CWE-78
critical
 9.8
9.8
2020-09-16 CVE-2020-25015 Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28
A specific router allows changing the Wi-Fi password remotely.
network
low complexity
genexis CWE-352
6.5
6.5