Vulnerabilities > Mitrastar

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2023-33381 OS Command Injection vulnerability in Mitrastar Gpt-2741Gnac Firmware Arg5.8110Wvn0B72
A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2).
network
low complexity
mitrastar CWE-78
7.2
7.2
2023-05-05 CVE-2023-30065 Unspecified vulnerability in Mitrastar Gpt-2741Gnac-N2 Firmware Brg5.91.11(Wvk.0)B32
MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function.
network
low complexity
mitrastar
8.8
8.8
2022-05-03 CVE-2021-42165 OS Command Injection vulnerability in Mitrastar Gpt-2541Gnac-N1 Firmware Brg3.5100Vnz0B33
MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path".
network
low complexity
mitrastar CWE-78
critical
 9.0
9.0
2017-11-03 CVE-2017-16523 Unspecified vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.
network
low complexity
mitrastar
critical
 10.0
10
2017-11-03 CVE-2017-16522 Incorrect Default Permissions vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.
network
low complexity
mitrastar CWE-276
critical
 9.0
9.0