Vulnerabilities > Genexis > Platinum 4410 Firmware > p4410.v2.1.28
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-10 | CVE-2020-28137 | Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. | 7.1 |
| 2021-04-13 | CVE-2021-29003 | OS Command Injection vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code via shell metacharacters to sys_config_valid.xgi, as demonstrated by the sys_config_valid.xgi?exeshell=%60telnetd%20%26%60 URI. | 7.5 |
| 2020-09-16 | CVE-2020-25015 | Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 A specific router allows changing the Wi-Fi password remotely. | 6.5 |