Vulnerabilities > Resourcexpress > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-15 CVE-2020-28898 Improper Input Validation vulnerability in Resourcexpress 4.9K
In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation.
network
low complexity
resourcexpress CWE-20
5.3
5.3
2020-11-17 CVE-2020-25746 Information Exposure vulnerability in Resourcexpress Qubi3 Firmware
QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker (with physical access to the device) to obtain sensitive information via the debug interface (keystrokes over a USB cable), aka wireless password visibility.
low complexity
resourcexpress CWE-200
4.6
4.6