Gryphon Tower Firmware Security Vulnerabilities and Issues — Gryphon Tower Firmware CVE List

Lucene search

GryphonconnectGryphon Tower Firmware

7 matches found

CVE•added 2021/12/09 4:15 p.m.•36 views

CVE-2021-20139

An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to ...

8.8CVSS8.9AI score0.07766EPSS

CVE•added 2021/12/09 4:15 p.m.•32 views

CVE-2021-20143

An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS9AI score0.07766EPSS

CVE•added 2021/12/09 4:15 p.m.•29 views

CVE-2021-20144

An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS9AI score0.07766EPSS

CVE•added 2021/12/09 4:15 p.m.•28 views

CVE-2021-20138

An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the ...

8.8CVSS8.9AI score0.08179EPSS

CVE•added 2021/12/09 4:15 p.m.•28 views

CVE-2021-20142

An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS9AI score0.07766EPSS

CVE•added 2021/12/09 4:15 p.m.•27 views

CVE-2021-20140

An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS9AI score0.07766EPSS

CVE•added 2021/12/09 4:15 p.m.•22 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...

8.8CVSS8.9AI score0.07766EPSS