Netgear NETGEAR D7000 Licensing Issue Vulnerability (CNVD-2022-06684)

Netgear NETGEAR D7000 is a wireless modem from Netgear, Inc. A security vulnerability exists in versions prior to NETGEAR D7000 1.0.1.68, which is susceptible to authentication bypass and could be exploited by attackers to cause a denial of service attack...

Some Android users can disable 2G now and why that is a good thing

The Electronic Frontier Foundation EFF has happily informed people that Google has quietly pushed a new feature to its Android operating system allowing users to optionally disable 2G at the modem level in their phones. This is beneficial because 2G uses weak encryption between the tower and devi...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

Information disclosure

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

CVE-2021-40148

CVE-2021-40148 affects Modem EMM in Google Android devices. Root cause: missing data encryption in the modem EMM leads to information disclosure without privileges or user interaction. Impact: remote information disclosure. Remediation: patch MOLY00716585 (Issue ALPS05886933) has been released. E...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in EMM in Google Android 11, which stems from a lack of data encryption in the modem EMM that could lead to information disclosure...

The vulnerability of the FTM Diag command implementation in Qualcomm’s embedded software allows a hacker to write into the operating system space of the modem.

The vulnerability of the FTM Diag command in Qualcomm’s embedded software implementations arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to write data into the operating system space of the modem...

PT-2022-11190 · Modem Emm · Modem Emm

Name of the Vulnerable Software and Affected Versions: Modem EMM affected versions not specified Description: The issue is related to a missing data encryption in Modem EMM, which could lead to remote information disclosure without requiring additional execution privileges. User interaction is no...

ASB-A-207693368

In Modem UDP protocol integrated from Nucleus NET TCP/IP software, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure or denial of service with no additional execution privileges needed. User interaction is not needed for...

ASB-A-207646336

In Modem TCP protocol integrated from Nucleus NET TCP/IP software, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure or denial of service with no additional execution privileges needed. User interaction is not needed for...

The vulnerability of the UPnP integrated software routers from NETGEAR is as follows: EX3700, EX3800, EX6120, EX6130, R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7100LG, R7850, R7900P, R7960P, R8000, R8000P, R8300, R8500, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE500, RS400, WNDR3400v3, WNR3500Lv2, XR300. Additionally, NETGEAR routers with modems include: D6220, D6400, D7000v2, DGN2200v4. The NETGEAR AirCard DC112A is also affected. The NETGEAR cable modem CAX80 allows a hacker to execute arbitrary code.

The vulnerability of NETGEAR’s embedded software-based routers, such as EX3700, EX3800, EX6120, EX6130, R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7100LG, R7850, R7900P, R7960P, R8000, R8000P, R8300, R8500, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50,...

多款Qualcomm产品输入验证错误漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.SDX24 is a modem.MDM9205 is a central processing unit CPU product. An input validation error vulnerability exists in multiple Qualcomm products. The vulnerability stems...

Qualcomm SDX55和QCA6390 访问控制错误漏洞

The Qualcomm SDX55 and QCA6390 are both products of Qualcomm Incorporated.The SDX55 is a modem.The QCA6390 is a central processing unit CPU product. The Access Control Error vulnerability exists in multiple Qualcomm products and stems from improper privilege masking in the products, which allows ...

D-Link DWR-932C E1 Command Injection Vulnerability

The D-Link Dwr-932C E1 is a WiFi mobile modem router from China-based D-Link.A security vulnerability exists in the D-Link DWR-932C E1 firmware, which stems from an OS command injection in debugfcgi. An attacker could exploit this vulnerability to perform command injection via a crafted HTTP...

D-Link DWR-932C E1 has unspecified vulnerabilities

The D-Link Dwr-932C E1 is a WiFi mobile modem router from D-Link, a Chinese company. A security vulnerability exists in the D-Link DWR-932C E1 firmware, stemming from a lack of critical function authentication in post set.cgi, which could be exploited by attackers to perform administrative action...

PTCL Modem HG150-Ub Authentication Bypass (CVE-2021-35296)

A vulnerability exists in PTCL HG150-Ub. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF

A missing bounds check flaw was found in the Linux kernel's Modem Host Interface bus driver in the channel doorbell offset validation logic. A local user can trigger this issue on systems with MHI devices typically Qualcomm modems or wireless cards by using a device that provides malformed or...

CommScope Arris Surfboard Sb8200 访问控制错误漏洞

The CommScope Arris Surfboard Sb8200 is a Docsis 3.1 modem from CommScope USA. An access control error vulnerability exists in the CommScope Arris SurfBoard SB8200 that stems from the product's password change feature not having effective security measures in place. The vulnerability can be...