Vulnerabilities > Netcommwireless > Hspa 3G10Wve

DATE CVE VULNERABILITY TITLE RISK
2017-02-09 CVE-2015-6024 Command Injection vulnerability in Netcommwireless Hspa 3G10Wve Firmware 3G10Wvel101S306Etsc01R03
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.
network
low complexity
netcommwireless CWE-77
critical
 10.0
10
2017-02-09 CVE-2015-6023 Improper Access Control vulnerability in Netcommwireless Hspa 3G10Wve Firmware 3G10Wvel101S306Etsc01R03
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request.
network
low complexity
netcommwireless CWE-284
7.5
7.5