Vulnerabilities > Motorola

DATE CVE VULNERABILITY TITLE RISK
2023-05-11 CVE-2023-31528 Command Injection vulnerability in Motorola Cx2L Firmware 1.0.1
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter.
network
low complexity
motorola CWE-77
8.8
2023-05-11 CVE-2023-31529 Command Injection vulnerability in Motorola Cx2L Firmware 1.0.1
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter.
network
low complexity
motorola CWE-77
8.8
2023-05-11 CVE-2023-31530 Command Injection vulnerability in Motorola Cx2L Firmware 1.0.1
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter.
network
low complexity
motorola CWE-77
8.8
2023-05-11 CVE-2023-31531 Command Injection vulnerability in Motorola Cx2L Firmware 1.0.1
Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter.
network
low complexity
motorola CWE-77
8.8
2023-01-30 CVE-2022-34885 Improper Input Validation vulnerability in Motorola Mr2600 Firmware
An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code.
local
low complexity
motorola CWE-20
6.7
2022-04-22 CVE-2021-3898 Improper Certificate Validation vulnerability in Motorola Device Help and Ready for
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker.
network
motorola CWE-295
4.3
2021-12-15 CVE-2021-38701 Cross-site Scripting vulnerability in Motorola products
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI.
network
motorola CWE-79
3.5
2021-08-17 CVE-2021-3458 Improper Authentication vulnerability in Motorola Mm1000 Firmware
The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.
local
low complexity
motorola CWE-287
2.1
2021-08-17 CVE-2021-3459 OS Command Injection vulnerability in Motorola Mm1000 Firmware
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter.
local
low complexity
motorola CWE-78
7.2
2021-07-21 CVE-2020-21932 Improper Authentication vulnerability in Motorola CX2 Firmware 1.0.2
A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.
network
low complexity
motorola CWE-287
5.0