Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Raisecom Subscribe
Filtered by product Iscom Ht803g-1ge
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-7385 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2023-01-31 7.2 HIGH 7.8 HIGH
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device.
CVE-2019-7384 1 Raisecom 8 Iscom Ht803g-1ge, Iscom Ht803g-1ge Firmware, Iscom Ht803g-u and 5 more 2023-01-31 7.2 HIGH 7.8 HIGH
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system call inside the boa binary. Because there is no user input validation, this leads to authenticated code execution on the device.