Vulnerabilities > Genexis > Platinum 4410 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-10 | CVE-2020-28137 | Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router. | 6.5 |
| 2020-11-17 | CVE-2020-25988 | Cleartext Transmission of Sensitive Information vulnerability in Genexis Platinum 4410 Firmware P4410V21.34H UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent. | 6.5 |
| 2020-10-28 | CVE-2020-27980 | Cross-site Scripting vulnerability in Genexis Platinum-4410 Firmware 1.28 Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. | 5.4 |
| 2020-09-16 | CVE-2020-25015 | Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 A specific router allows changing the Wi-Fi password remotely. | 6.5 |