Vulnerabilities > Phicomm

DATE CVE VULNERABILITY TITLE RISK
2023-08-25 CVE-2023-40796 Command Injection vulnerability in Phicomm K2 Firmware 22.6.529.216
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call.
local
low complexity
phicomm CWE-77
7.8
2023-01-27 CVE-2022-48070 OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.534.263
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
local
low complexity
phicomm CWE-78
7.8
2023-01-27 CVE-2022-48071 Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
network
low complexity
phicomm CWE-312
7.5
2023-01-27 CVE-2022-48072 OS Command Injection vulnerability in Phicomm K2 Firmware 22.6.3.20
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
local
low complexity
phicomm CWE-78
7.8
2023-01-27 CVE-2022-48073 Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263
Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext.
network
low complexity
phicomm CWE-312
7.5
2022-09-08 CVE-2022-37777 Unspecified vulnerability in Phicomm products
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.
network
low complexity
phicomm
7.2
2022-09-08 CVE-2022-37778 Unspecified vulnerability in Phicomm products
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function.
network
low complexity
phicomm
7.2
2022-09-08 CVE-2022-37779 Unspecified vulnerability in Phicomm products
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function.
network
low complexity
phicomm
7.2
2022-09-07 CVE-2022-37780 Unspecified vulnerability in Phicomm products
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function.
network
low complexity
phicomm
7.2
2022-07-19 CVE-2022-27373 OS Command Injection vulnerability in Phicomm Fir303B Firmware
Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function.
network
low complexity
phicomm CWE-78
8.8