Vulnerabilities > Ignitenet

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-5783 Cross-Site Request Forgery (CSRF) vulnerability in Ignitenet Helios Glinq 2.2.1
In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.
network
low complexity
ignitenet CWE-352
5.4
2020-09-23 CVE-2020-5782 Unspecified vulnerability in Ignitenet Helios Glinq 2.2.1
In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.
network
low complexity
ignitenet
6.5
2020-09-23 CVE-2020-5781 Cross-site Scripting vulnerability in Ignitenet Helios Glinq 2.2.1
In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function.
network
low complexity
ignitenet CWE-79
4.3