Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-19942 | 1 Swisscom | 3 Centro Business, Centro Grande, Centro Grande Firmware | 2021-03-04 | 5.0 MEDIUM | 7.5 HIGH |
Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 (ADB) before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests. | |||||
CVE-2019-19940 | 1 Swisscom | 2 Centro Grande, Centro Grande Firmware | 2021-02-03 | 9.0 HIGH | 7.2 HIGH |
Incorrect input sanitation in text-oriented user interfaces (telnet, ssh) in Swisscom Centro Grande before 6.16.12 allows remote authenticated users to execute arbitrary commands via command injection. | |||||
CVE-2019-19941 | 1 Swisscom | 2 Centro Grande, Centro Grande Firmware | 2021-02-03 | 3.5 LOW | 5.4 MEDIUM |
Missing hostname validation in Swisscom Centro Grande before 6.16.12 allows a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS. | |||||
CVE-2015-1188 | 1 Swisscom | 2 Centro Grande, Centro Grande Firmware | 2021-01-05 | 7.5 HIGH | N/A |
The certificate verification functions in the HNDS service in Swisscom Centro Grande (ADB) DSL routers with firmware before 6.14.00 allows remote attackers to access the management functions via unknown vectors. |