Vulnerabilities > Kratosdefense > NGC Indoor Unit Firmware > 9.1.0.4

DATE CVE VULNERABILITY TITLE RISK
2023-07-18 CVE-2023-36670 OS Command Injection vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4.
network
low complexity
kratosdefense CWE-78
critical
 9.8
9.8
2023-07-18 CVE-2023-36669 Missing Authentication for Critical Function vulnerability in Kratosdefense NGC Indoor Unit Firmware 9.1.0.4
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system.
network
low complexity
kratosdefense CWE-306
critical
 9.8
9.8