Vulnerabilities > Skyworthdigital > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2023-51732 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. | 5.4 |
| 2021-10-27 | CVE-2021-41872 | Unspecified vulnerability in Skyworthdigital Penguin Aurora BOX 41502 Firmware Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service. | 5.0 |
| 2021-04-09 | CVE-2021-25328 | Classic Buffer Overflow vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. | 6.5 |
| 2021-04-09 | CVE-2021-25327 | Cross-site Scripting vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. | 4.3 |
| 2021-04-09 | CVE-2021-25326 | Cross-Site Request Forgery (CSRF) vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. | 5.4 |
| 2018-12-23 | CVE-2018-20398 | Insufficiently Protected Credentials vulnerability in Skyworthdigital products Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 5.0 |