Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Juplink Subscribe
Filtered by product Rx4-1500 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8797 1 Juplink 2 Rx4-1500, Rx4-1500 Firmware 2021-07-21 6.9 MEDIUM 6.7 MEDIUM
Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network.
CVE-2020-8798 1 Juplink 2 Rx4-1500, Rx4-1500 Firmware 2020-05-06 2.1 LOW 5.5 MEDIUM
httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network.