Vulnerabilities > IP COM

DATE CVE VULNERABILITY TITLE RISK
2022-12-23 CVE-2022-45717 OS Command Injection vulnerability in Ip-Com M50 Firmware 15.11.0.33
IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
network
low complexity
ip-com CWE-78
critical
9.8
2022-12-23 CVE-2022-45718 Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.
network
low complexity
ip-com CWE-120
critical
9.8
2022-12-23 CVE-2022-45719 Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.
network
low complexity
ip-com CWE-120
critical
9.8
2022-12-23 CVE-2022-45720 Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.
network
low complexity
ip-com CWE-120
critical
9.8
2022-12-23 CVE-2022-45721 Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.
network
low complexity
ip-com CWE-120
critical
9.8
2022-12-13 CVE-2022-45005 OS Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14(9732)
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.
network
low complexity
ip-com CWE-78
critical
9.8
2022-10-27 CVE-2022-43364 Unspecified vulnerability in Ip-Com EW9 Firmware 15.11.0.14
An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password.
network
low complexity
ip-com
7.5
2022-10-27 CVE-2022-43365 Classic Buffer Overflow vulnerability in Ip-Com EW9 Firmware 15.11.0.14
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function.
network
low complexity
ip-com CWE-120
7.5
2022-10-27 CVE-2022-43366 Unspecified vulnerability in Ip-Com EW9 Firmware 15.11.0.14
IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces.
network
low complexity
ip-com
7.5
2022-10-27 CVE-2022-43367 Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function.
network
low complexity
ip-com CWE-77
critical
9.8