158 matches found
PT-2025-24379 · Microhard · Ipn4Gii-Na2 +1
Name of the Vulnerable Software and Affected Versions: Microhard products that incorporate the BulletLTE-NA2 and IPn4Gii-NA2 affected versions not specified Description: The issue is related to a post-authentication command injection problem in the AT+MFRULE command, which can lead to privilege...
PT-2025-24382 · Microhard · Microhard Bulletlte-Na2 +1
Name of the Vulnerable Software and Affected Versions: Microhard BulletLTE-NA2 and IPn4Gii-NA2 affected versions not specified Description: The issue is related to a post-authentication command injection in the AT+MNPINGTM command, which can lead to privilege escalation. This is an instance of...
PT-2025-24376 · Microhard · Microhard Bulletlte-Na2 +1
Name of the Vulnerable Software and Affected Versions: Microhard BulletLTE-NA2 and IPn4Gii-NA2 affected versions not specified Description: The issue is a post-authentication command injection problem in the AT+MFIP command, which can lead to privilege escalation. This is an instance of improper...
PT-2025-24380 · Microhard · Ipn4Gii-Na2 +1
Name of the Vulnerable Software and Affected Versions: Microhard products that incorporate the BulletLTE-NA2 and IPn4Gii-NA2 affected versions not specified Description: The issue is related to a post-authentication command injection problem in the AT+MMNAME command, which can lead to privilege...
Microhard (CVE-2020-17407)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...
Microhard Bullet-LTE Improper Neutralization of Special Elements used in an OS Command (CVE-2020-17406)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...
Microhard 3G/4G Cellular Ethernet and Serial Gateway Use of Default Credentials (ZSL-2018-5480)
The devices utilizes hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the gateway. Another vulnerability could allow an authenticated attacker to gain root access. The...
CVE-2020-17407
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...
CVE-2020-17407
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...
CVE-2020-17406
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...
CVE-2020-17407
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...
CVE-2020-17406
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...
CVE-2020-17407
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...
CVE-2020-17407
Affected product: Microhard Bullet-LTE (firmware prior to v1.2.0-r1112). Vulnerability summary: A stack-based buffer overflow in the handling of the Basic/authentication headers allows remote attackers to execute arbitrary code with root privileges. The flaw arises from insufficient validation of...
CVE-2020-17406
CVE-2020-17406 affects Microhard Bullet-LTE prior to v1.2.0-r1112. The issue is in the handling of the ping parameter in tools.sh, stemming from improper validation of a user-supplied string before it is used in a system call. This allows an attacker with authentication to execute arbitrary code ...
Microhard Bullet-LTE Basic Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results from the lack of proper...
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Configuration Download
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Configuration Download Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb...
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service Vulnerability
Exploit for hardware platform in category dos / poc Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build...
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Denial of Service
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Denial of Service Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 buil...