Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Redlion Subscribe
Filtered by product N-tron 702m12-w
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16206 1 Redlion 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more 2022-10-14 3.5 LOW 9.0 CRITICAL
The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions).
CVE-2020-16210 1 Redlion 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more 2022-10-14 3.5 LOW 9.0 CRITICAL
The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions).
CVE-2020-16204 1 Redlion 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more 2022-10-14 10.0 HIGH 9.8 CRITICAL
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
CVE-2017-16544 5 Busybox, Canonical, Debian and 2 more 8 Busybox, Ubuntu Linux, Debian Linux and 5 more 2022-06-20 6.5 MEDIUM 8.8 HIGH
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
CVE-2020-16208 1 Redlion 4 N-tron 702-w, N-tron 702-w Firmware, N-tron 702m12-w and 1 more 2020-09-08 9.3 HIGH 8.8 HIGH
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).