Helios Glinq Security Vulnerabilities and Issues — Helios Glinq CVE List

Lucene search

IgnitenetHelios Glinq

3 matches found

CVE•added 2020/09/23 4:15 p.m.•34 views

CVE-2020-5783

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.

5.8CVSS5.6AI score0.00115EPSS

CVE•added 2020/09/23 4:15 p.m.•33 views

CVE-2020-5782

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.

6.8CVSS6.5AI score0.00273EPSS

CVE•added 2020/09/23 4:15 p.m.•32 views

CVE-2020-5781

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users.

4.3CVSS4.8AI score0.00299EPSS