Vulnerabilities > Motorola

DATE CVE VULNERABILITY TITLE RISK
2022-04-22 CVE-2021-3898 Improper Certificate Validation vulnerability in Motorola Device Help and Ready for
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker.
network
motorola CWE-295
4.3
2021-12-15 CVE-2021-38701 Cross-site Scripting vulnerability in Motorola products
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI.
network
motorola CWE-79
3.5
2021-08-17 CVE-2021-3458 Improper Authentication vulnerability in Motorola Mm1000 Firmware
The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.
local
low complexity
motorola CWE-287
2.1
2021-08-17 CVE-2021-3459 OS Command Injection vulnerability in Motorola Mm1000 Firmware
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter.
local
low complexity
motorola CWE-78
7.2
2021-07-21 CVE-2020-21932 Improper Authentication vulnerability in Motorola CX2 Firmware 1.0.2
A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.
network
low complexity
motorola CWE-287
5.0
2021-07-21 CVE-2020-21933 Information Exposure Through Log Files vulnerability in Motorola CX2 Firmware 1.0.2
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.
network
low complexity
motorola CWE-532
5.0
2021-07-21 CVE-2020-21934 Improper Authentication vulnerability in Motorola CX2 Firmware 1.0.2
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
network
low complexity
motorola CWE-287
5.0
2021-07-21 CVE-2020-21935 OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
network
low complexity
motorola CWE-78
7.5
2021-07-21 CVE-2020-21936 Missing Authentication for Critical Function vulnerability in Motorola CX2 Firmware 1.0.2
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.
network
low complexity
motorola CWE-306
5.0
2021-07-21 CVE-2020-21937 OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
network
low complexity
motorola CWE-78
critical
10.0