Airvelocity 1500 Firmware Security Vulnerabilities and Issues — Airvelocity 1500 Firmware CVE List

Lucene search

AirspanAirvelocity 1500 Firmware

3 matches found

CVE•added 2022/08/16 1:15 a.m.•59 views

CVE-2022-36310

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.

8.8CVSS8.8AI score0.00468EPSS

CVE•added 2022/08/16 1:15 a.m.•56 views

CVE-2022-36309

Airspan AirVelocity 1500 software versions prior to 15.18.00.2511 have a root command injection vulnerability in the ActiveBank parameter of the recoverySubmit.cgi script running on the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models.

8.8CVSS8.7AI score0.47719EPSS

CVE•added 2022/08/16 1:15 a.m.•52 views

CVE-2022-36312

Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF protections in the eNodeB's web management UI. This issue may affect other AirVelocity and AirSpeed models.

8.8CVSS8.6AI score0.00223EPSS