Vulnerabilities > Motorola > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-38281 | Use of Hard-coded Credentials vulnerability in Motorola Vigilant Fixed LPR Coms BOX Firmware An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. | 9.8 |
| 2023-08-29 | CVE-2023-23770 | Use of Hard-coded Credentials vulnerability in Motorola Mbts Site Controller Firmware R05.32.58 Motorola MBTS Site Controller accepts hard-coded backdoor password. | 9.8 |
| 2022-07-26 | CVE-2022-30270 | Improper Authentication vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 has default credentials. | 9.8 |
| 2022-07-26 | CVE-2022-30271 | Use of Hard-coded Credentials vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. | 9.8 |
| 2022-07-26 | CVE-2022-30274 | Use of Hard-coded Credentials vulnerability in Motorola Ace1000 Firmware The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. | 9.8 |
| 2021-07-21 | CVE-2020-21935 | OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2 A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. | 9.8 |
| 2021-07-21 | CVE-2020-21937 | OS Command Injection vulnerability in Motorola CX2 Firmware 1.0.2 An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. | 9.8 |
| 2021-04-13 | CVE-2021-3460 | Improper Certificate Validation vulnerability in Motorola Mh702X Firmware The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker. | 9.8 |
| 2019-09-12 | CVE-2019-16257 | Unspecified vulnerability in Motorola Firmware Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. | 9.8 |
| 2019-05-23 | CVE-2019-12297 | Use of Externally-Controlled Format String vulnerability in Motorola CX2 Firmware and M2 Firmware An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. | 9.8 |