phicomm

Top products

The 15 most recently published vulnerabilities affecting phicomm.

• CVE-2023-40796Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call.7.8Aug 25, 2023
• CVE-2023-31070Уязвимость модуля Efficient Multicast Forwarding (EMF) микропрограммного обеспечения маршрутизаторов TOTOLINK, TP-LINK, ASUS, Arris, Buffalo, D-Link, Linksys, Netgear, TRENDnet, Xiaomi, Linksys, Luxul, Phicomm, Ubee, позволяющая нарушителю выполнить произвольный код7.8May 26, 2023
• CVE-2022-48073Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext.7.5Jan 27, 2023
• CVE-2022-48072Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.7.8Jan 27, 2023
• CVE-2022-48071Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.7.5Jan 27, 2023
• CVE-2022-48070Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.7.8Jan 27, 2023
• CVE-2022-37779Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function.7.2Sep 7, 2022
• CVE-2022-37777Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert...7.2Sep 7, 2022
• CVE-2022-37778Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function.7.2Sep 7, 2022
• CVE-2022-37780Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function.7.2Sep 7, 2022
• CVE-2022-27373Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function.8.8Jul 19, 2022
• CVE-2022-25219A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the rout...8.4Mar 7, 2022
• CVE-2022-25213Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The sam...6.8Mar 7, 2022
• CVE-2022-25215Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those...5.3Mar 7, 2022
• CVE-2022-25218The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control o...8.1Mar 7, 2022