Vulnerabilities > Sagemcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-27 | CVE-2020-29138 | Missing Authentication for Critical Function vulnerability in Sagemcom F@St 3486 Router Firmware 4.109.0 Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running. | 5.3 |
| 2020-09-14 | CVE-2020-21733 | Cross-site Scripting vulnerability in Sagemcom F@St 3686 Firmware 1.0Hun3.97.0 Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp. | 6.1 |
| 2019-03-05 | CVE-2019-9555 | Insufficient Entropy vulnerability in Sagemcom F@St 5260 Firmware 0.4.39 Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. | 5.3 |