Vulnerabilities > Mitrastar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-06 | CVE-2023-33381 | OS Command Injection vulnerability in Mitrastar Gpt-2741Gnac Firmware Arg5.8110Wvn0B72 A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). | 7.2 |
2023-05-05 | CVE-2023-30065 | Unspecified vulnerability in Mitrastar Gpt-2741Gnac-N2 Firmware Brg5.91.11(Wvk.0)B32 MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function. | 8.8 |
2022-05-03 | CVE-2021-42165 | OS Command Injection vulnerability in Mitrastar Gpt-2541Gnac-N1 Firmware Brg3.5100Vnz0B33 MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path". | 8.8 |
2017-11-03 | CVE-2017-16523 | Unspecified vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented. | 9.8 |
2017-11-03 | CVE-2017-16522 | Incorrect Default Permissions vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute. | 8.8 |