Vulnerabilities > Sagemcom

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-26	CVE-2021-3304	Classic Buffer Overflow vulnerability in Sagemcom F@St 3686 Firmware 3.495 Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI. network low complexity sagemcom CWE-120 critical	9.8
2020-11-27	CVE-2020-29138	Missing Authentication for Critical Function vulnerability in Sagemcom F@St 3486 Router Firmware 4.109.0 Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running. network low complexity sagemcom CWE-306	5.3
2020-09-14	CVE-2020-21733	Cross-site Scripting vulnerability in Sagemcom F@St 3686 Firmware 1.0Hun3.97.0 Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp. network low complexity sagemcom CWE-79	6.1
2020-09-01	CVE-2020-24034	Deserialization of Untrusted Data vulnerability in Sagemcom F@St 5280 Router Firmware 1.150.61 Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. network low complexity sagemcom CWE-502	8.8
2020-01-09	CVE-2019-19494	Classic Buffer Overflow vulnerability in multiple products Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. network low complexity sagemcom netgear technicolor compal CWE-120	8.8
2019-03-05	CVE-2019-9555	Insufficient Entropy vulnerability in Sagemcom F@St 5260 Firmware 0.4.39 Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. network low complexity sagemcom CWE-331	5.3
2017-03-09	CVE-2017-6552	Resource Exhaustion vulnerability in Sagemcom Livebox Firmware 5.15.8.1 Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. network low complexity sagemcom CWE-400	7.5

Vulnerabilities > Sagemcom {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sagemcom"}]}

Vulnerabilities > Sagemcom