Vulnerabilities > Genexis > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-29003 | OS Command Injection vulnerability in Genexis Platinum 4410 Firmware P4410V21.28 Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code via shell metacharacters to sys_config_valid.xgi, as demonstrated by the sys_config_valid.xgi?exeshell=%60telnetd%20%26%60 URI. | 9.8 |
| 2020-01-08 | CVE-2020-6170 | Missing Authentication for Critical Function vulnerability in Genexis Platinum-4410 Firmware 1.28 An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI. | 9.8 |
| 2017-12-20 | CVE-2017-6094 | Information Exposure vulnerability in Genexis Gaps CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. | 9.8 |