Wireless 1410 Gateway Firmware Security Vulnerabilities and Issues — Wireless 1410 Gateway Firmware CVE List

Lucene search

EmersonWireless 1410 Gateway Firmware

7 matches found

CVE•added 2021/10/22 2:15 p.m.•70 views

CVE-2021-42536

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.

8CVSS6.8AI score0.0019EPSS

CVE•added 2021/09/29 8:15 p.m.•53 views

CVE-2020-12030

There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway.

10CVSS9.5AI score0.00285EPSS

CVE•added 2021/10/22 2:15 p.m.•38 views

CVE-2021-42538

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

8.8CVSS8.4AI score0.00321EPSS

CVE•added 2021/10/22 2:15 p.m.•37 views

CVE-2021-42540

The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.

8.8CVSS8.3AI score0.00221EPSS

CVE•added 2021/10/22 2:15 p.m.•32 views

CVE-2021-42539

The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.

8.8CVSS8.2AI score0.00175EPSS

CVE•added 2021/10/22 2:15 p.m.•32 views

CVE-2021-42542

The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.

8.8CVSS8.3AI score0.0049EPSS

CVE•added 2021/10/22 2:15 p.m.•30 views

CVE-2021-38485

The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.

8.8CVSS8.2AI score0.0022EPSS