Vulnerabilities > Realtek
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-03 | CVE-2022-40740 | OS Command Injection vulnerability in Realtek Usdk and Xpon Software Development KIT Realtek GPON router has insufficient filtering for special characters. | 7.2 |
| 2022-11-29 | CVE-2022-32966 | Missing Authorization vulnerability in Realtek Rtl8111Fp-Cg Firmware 3.0.0.2019090/5.0.10/5.0.23 RTL8168FP-CG Dash remote management function has missing authorization. | 6.5 |
| 2022-11-29 | CVE-2022-32967 | Use of Hard-coded Credentials vulnerability in Realtek Rtl8111Ep-Cg Firmware and Rtl8111Fp-Cg Firmware RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. | 2.1 |
| 2022-09-27 | CVE-2022-34326 | Unspecified vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode. | 7.5 |
| 2022-08-01 | CVE-2022-27255 | Improper Input Validation vulnerability in Realtek Ecos Msdk Firmware and Ecos Rsdk Firmware In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. | 9.8 |
| 2022-06-20 | CVE-2022-21742 | Classic Buffer Overflow vulnerability in Realtek products Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. | 3.3 |
| 2021-12-22 | CVE-2021-39306 | Out-of-bounds Write vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security. | 7.5 |
| 2021-11-11 | CVE-2021-43573 | Classic Buffer Overflow vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. | 7.5 |
| 2021-11-02 | CVE-2021-36922 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.2 |
| 2021-11-02 | CVE-2021-36923 | Unspecified vulnerability in Realtek Rtsupx USB Utility Driver RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | 7.2 |