Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Meinbwa Subscribe
Filtered by product Direx-pro
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10248 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2021-07-21 5.0 MEDIUM 7.5 HIGH
BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3.
CVE-2020-10249 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3.
CVE-2020-10250 1 Meinbwa 2 Direx-pro, Direx-pro Firmware 2020-03-10 10.0 HIGH 9.8 CRITICAL
BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3.