Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Actiontec Subscribe
Filtered by product Web6000q Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15555 1 Actiontec 2 Web6000q, Web6000q Firmware 2020-08-24 10.0 HIGH 9.8 CRITICAL
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.
CVE-2018-15557 1 Actiontec 2 Web6000q, Web6000q Firmware 2020-08-24 10.0 HIGH 8.8 HIGH
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat.
CVE-2018-15556 1 Actiontec 2 Web6000q, Web6000q Firmware 2019-10-09 10.0 HIGH 9.8 CRITICAL
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.