Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Emerson Subscribe
Filtered by product Wireless 1420 Gateway Firmware
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-42538 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2022-07-25 6.5 MEDIUM 8.8 HIGH
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
CVE-2020-19417 1 Emerson 2 Wireless 1420 Gateway, Wireless 1420 Gateway Firmware 2022-07-12 9.0 HIGH 8.8 HIGH
Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative tasks by sending specially crafted HTTP requests to the application.
CVE-2020-12030 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1420 Gateway and 3 more 2022-07-08 6.8 MEDIUM 10.0 CRITICAL
There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway.
CVE-2021-42540 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-28 6.5 MEDIUM 8.8 HIGH
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
CVE-2021-42539 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 6.5 MEDIUM 8.8 HIGH
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
CVE-2021-42542 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 6.5 MEDIUM 8.8 HIGH
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
CVE-2021-42536 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 4.0 MEDIUM 6.5 MEDIUM
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
CVE-2021-38485 1 Emerson 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more 2021-10-27 6.5 MEDIUM 8.8 HIGH
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.