Filtered by vendor Comtrend
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8062 | 1 Comtrend | 2 Ar-5387un, Ar-5387un Firmware | 2020-10-27 | 3.5 LOW | 5.4 MEDIUM |
A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service. | |||||
CVE-2020-10173 | 1 Comtrend | 2 Vr-3033, Vr-3033 Firmware | 2020-03-10 | 9.0 HIGH | 8.8 HIGH |
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi. | |||||
CVE-2018-20388 | 1 Comtrend | 4 Cm-6200un, Cm-6200un Firmware, Cm-6300n and 1 more | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | |||||
CVE-2010-0470 | 1 Comtrend | 1 Ct-507it Adsl Router | 2010-02-02 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter. |