Vulnerabilities > Phicomm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2023-40796 | Command Injection vulnerability in Phicomm K2 Firmware 22.6.529.216 Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call. | 7.8 |
| 2023-01-27 | CVE-2022-48070 | OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. | 7.8 |
| 2023-01-27 | CVE-2022-48071 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2023-01-27 | CVE-2022-48072 | OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.3.20 Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function. | 7.8 |
| 2023-01-27 | CVE-2022-48073 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2022-09-08 | CVE-2022-37777 | Unspecified vulnerability in Phicomm products Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function. | 7.2 |
| 2022-09-08 | CVE-2022-37778 | Unspecified vulnerability in Phicomm products Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function. | 7.2 |
| 2022-09-08 | CVE-2022-37779 | Unspecified vulnerability in Phicomm products Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function. | 7.2 |
| 2022-09-07 | CVE-2022-37780 | Unspecified vulnerability in Phicomm products Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function. | 7.2 |
| 2022-07-19 | CVE-2022-27373 | OS Command Injection vulnerability in Phicomm Fir303B Firmware Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function. | 8.8 |