Filtered by vendor Motorola
Subscribe
Total
69 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-15513 | 2 Motorola, Openwrt | 5 C1 Mwr03, C1 Mwr03 Firmware, Cx2l Mwr04l and 2 more | 2021-01-02 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang. | |||||
CVE-2019-11320 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address. | |||||
CVE-2019-11321 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices. | |||||
CVE-2019-13129 | 1 Motorola | 2 Cx2l Mwr04l, Cx2l Mwr04l Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling. | |||||
CVE-2019-16257 | 1 Motorola | 2 Motorola, Motorola Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. | |||||
CVE-2019-9121 | 1 Motorola | 4 C1, C1 Firmware, M2 and 1 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetSmartQoSSettings API function, as demonstrated by shell metacharacters in the smartqos_priority_devices field. | |||||
CVE-2019-11322 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value. | |||||
CVE-2019-11319 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value. | |||||
CVE-2018-20399 | 1 Motorola | 6 Sbg901, Sbg901 Firmware, Sbg941 and 3 more | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | |||||
CVE-2017-9493 | 2 Cisco, Motorola | 2 Mx011anm Firmware, Mx011anm | 2019-10-02 | 5.8 MEDIUM | 6.3 MEDIUM |
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code. | |||||
CVE-2017-9494 | 1 Motorola | 2 Mx011anm, Mx011anm Firmware | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | |||||
CVE-2017-9496 | 2 Cisco, Motorola | 2 Mx011anm Firmware, Mx011anm | 2019-10-02 | 4.6 MEDIUM | 6.8 MEDIUM |
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device's link-local IPv6 address. | |||||
CVE-2017-9498 | 2 Comcast, Motorola | 4 Xfinity Xr11-20, Xfinity Xr11-20 Firmware, Mx011anm and 1 more | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. | |||||
CVE-2019-12297 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2019-05-24 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. | |||||
CVE-2019-9118 | 1 Motorola | 4 C1, C1 Firmware, M2 and 1 more | 2019-03-08 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetNTPServerSettings API function, as demonstrated by shell metacharacters in the system_time_timezone field. | |||||
CVE-2019-9119 | 1 Motorola | 4 C1, C1 Firmware, M2 and 1 more | 2019-03-08 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetStaticRouteSettings API function, as demonstrated by shell metacharacters in the staticroute_list field. | |||||
CVE-2019-9120 | 1 Motorola | 4 C1, C1 Firmware, M2 and 1 more | 2019-03-08 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetWLanACLSettings API function, as demonstrated by shell metacharacters in the wl(0).(0)_maclist field. | |||||
CVE-2019-9117 | 1 Motorola | 4 C1, C1 Firmware, M2 and 1 more | 2019-03-08 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetNetworkTomographySettings API function, as demonstrated by shell metacharacters in the tomography_ping_number field. | |||||
CVE-2006-1365 | 1 Motorola | 3 E398, Pebl U6, V600 | 2018-10-18 | 5.0 MEDIUM | N/A |
The Motorola PEBL U6, the Motorola V600, and possibly the Motorola E398 and other Motorola phones allow remote attackers to add an entry for their own Bluetooth device to a target device's list of trusted devices (aka Device History), and possibly obtain AT level access to the target device, by initiating and interrupting an OBEX Push Profile that pretends to send a vCard, aka a "HeloMoto" attack. | |||||
CVE-2006-1367 | 1 Motorola | 2 Pebl U6, V600 | 2018-10-18 | 6.8 MEDIUM | N/A |
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook entries and saved SMS messages by connecting on Bluetooth channel 3 and tricking the user into pressing Grant, aka a "Blueline" attack. NOTE: while user-assisted, the attack is made more feasible because of a GUI misrepresentation issue that allows a default message to be replaced by an attacker-specified one. |