Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Amazon Subscribe
Filtered by product Blink Xt2 Sync Module Firmware
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3984 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2020-08-24 10.0 HIGH 9.8 CRITICAL
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.
CVE-2019-3983 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2020-08-24 7.2 HIGH 6.8 MEDIUM
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.
CVE-2019-3985 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2019-12-13 8.3 HIGH 8.8 HIGH
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
CVE-2019-3986 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2019-12-13 8.3 HIGH 8.8 HIGH
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.
CVE-2019-3987 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2019-12-13 8.3 HIGH 8.8 HIGH
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.
CVE-2019-3988 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2019-12-13 8.3 HIGH 8.8 HIGH
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.
CVE-2019-3989 1 Amazon 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware 2019-12-13 9.3 HIGH 9.8 CRITICAL
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data.