Vulnerabilities > IP COM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-23 | CVE-2022-45717 | OS Command Injection vulnerability in Ip-Com M50 Firmware 15.11.0.33 IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. | 9.8 |
2022-12-23 | CVE-2022-45718 | Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function. | 9.8 |
2022-12-23 | CVE-2022-45719 | Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function. | 9.8 |
2022-12-23 | CVE-2022-45720 | Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33 IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function. | 9.8 |
2022-12-23 | CVE-2022-45721 | Classic Buffer Overflow vulnerability in Ip-Com M50 Firmware 15.11.0.33 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function. | 9.8 |
2022-12-13 | CVE-2022-45005 | OS Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14(9732) IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function. | 9.8 |
2022-10-27 | CVE-2022-43364 | Unspecified vulnerability in Ip-Com EW9 Firmware 15.11.0.14 An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password. | 7.5 |
2022-10-27 | CVE-2022-43365 | Classic Buffer Overflow vulnerability in Ip-Com EW9 Firmware 15.11.0.14 IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. | 7.5 |
2022-10-27 | CVE-2022-43366 | Unspecified vulnerability in Ip-Com EW9 Firmware 15.11.0.14 IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces. | 7.5 |
2022-10-27 | CVE-2022-43367 | Command Injection vulnerability in Ip-Com EW9 Firmware 15.11.0.14 IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function. | 9.8 |