Vulnerabilities > Westermo > DR 250 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-24 | CVE-2018-19613 | Cross-Site Request Forgery (CSRF) vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. | 6.5 |
2019-05-24 | CVE-2018-19612 | Unrestricted Upload of File with Dangerous Type vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. | 8.8 |
2019-05-23 | CVE-2018-19614 | Cross-site Scripting vulnerability in Westermo Dr-250 Firmware, Dr-260 Firmware and Mr-260 Firmware XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | 6.1 |