Vulnerabilities > Hitrontech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2022-47616 | OS Command Injection vulnerability in Hitrontech Coda-5310 Firmware Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. | 7.2 |
2023-06-02 | CVE-2023-30603 | Unspecified vulnerability in Hitrontech Coda-5310 Firmware 7.2.4.7.1B3 Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. | 9.8 |
2022-04-01 | CVE-2022-25017 | OS Command Injection vulnerability in Hitrontech Chita Firmware 7.2.2.0.3B6Cd Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS ddnsUsername field. | 8.8 |
2020-02-19 | CVE-2020-8824 | Cross-site Scripting vulnerability in Hitrontech Coda-4582U Firmware 7.1.1.30 Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen. | 5.4 |
2018-01-07 | CVE-2014-10069 | Cryptographic Issues vulnerability in Hitrontech Cve-30360 Firmware 3.1.1.21 Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the um_auth_account_password field. | 7.5 |