Vulnerabilities > Skyworthdigital

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2023-51733 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51734 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51735 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51736 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51737 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51738 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51739 Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface.
network
low complexity
skyworthdigital CWE-79
5.4
2024-01-17 CVE-2023-51740 Cleartext Transmission of Sensitive Information vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network.
network
low complexity
skyworthdigital CWE-319
7.5
2024-01-17 CVE-2023-51741 Cleartext Transmission of Sensitive Information vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network.
network
low complexity
skyworthdigital CWE-319
7.5
2024-01-17 CVE-2023-51742 Out-of-bounds Write vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Add Downstream Frequency parameter at its web interface.
network
low complexity
skyworthdigital CWE-787
7.5