Vulnerabilities > Nokia > G 040W Q Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-41351 Missing Authentication for Critical Function vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL.
network
low complexity
nokia CWE-306
critical
9.8
2023-11-03 CVE-2023-41352 OS Command Injection vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input.
network
low complexity
nokia CWE-78
7.2
2023-11-03 CVE-2023-41353 Weak Password Requirements vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements.
network
low complexity
nokia CWE-521
8.8
2023-11-03 CVE-2023-41354 Unspecified vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.
network
low complexity
nokia
5.3
2023-11-03 CVE-2023-41355 Unspecified vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages.
network
low complexity
nokia
critical
9.8
2023-11-03 CVE-2023-41350 Improper Restriction of Excessive Authentication Attempts vulnerability in Nokia G-040W-Q Firmware G040Wqr201207
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authentication attempts.
network
low complexity
nokia CWE-307
critical
9.8