Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Unimo Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44620 1 Unimo 6 Udr-ja1604, Udr-ja1604 Firmware, Udr-ja1608 and 3 more 2022-12-09 N/A 8.8 HIGH
Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
CVE-2022-44606 1 Unimo 6 Udr-ja1604, Udr-ja1604 Firmware, Udr-ja1608 and 3 more 2022-12-09 N/A 8.8 HIGH
OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
CVE-2022-43464 1 Unimo 6 Udr-ja1604, Udr-ja1604 Firmware, Udr-ja1608 and 3 more 2022-12-09 N/A 8.8 HIGH
Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
CVE-2022-35733 1 Unimo 6 Udr-ja1004, Udr-ja1004 Firmware, Udr-ja1008 and 3 more 2022-08-26 N/A 9.8 CRITICAL
Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface.