Vulnerabilities > Quectel > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-04 CVE-2023-26921 OS Command Injection vulnerability in Quectel Ag550Qcn Firmware
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd.
network
low complexity
quectel CWE-78
critical
 9.8
9.8
2022-06-21 CVE-2022-26147 OS Command Injection vulnerability in Quectel Rg502Q-Ea Firmware
The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection.
network
low complexity
quectel CWE-78
critical
 9.8
9.8
2021-08-12 CVE-2021-31698 OS Command Injection vulnerability in Quectel Eg25-G Firmware
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon.
network
low complexity
quectel CWE-78
critical
 9.8
9.8