Lucene search
K
Ip-comEw9 Firmware

5 matches found

CVE
CVE
added 2022/10/27 12:0 a.m.62 views

CVE-2022-43364

CVE-2022-43364 affects IP-COM EW9 (firmware V15.11.0.14(9732)). An access-control flaw on the password-reset page allows unauthenticated attackers to arbitrarily change the admin password. CVSSv3.1 metrics in NVD/CVE entries: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (base score 7.5, HIGH). Attack vect...

7.5CVSS7.6AI score0.00683EPSS
CVE
CVE
added 2022/10/27 12:0 a.m.53 views

CVE-2022-43367

CVE-2022-43367 describes a command injection vulnerability in IP-COM EW9 firmware. Affected: IP-COM EW9 version 15.11.0.14(9732). Root cause: the formSetDebugCfg function exposes a mechanism susceptible to command injection. Impact is high across confidentiality, integrity, and availability; acce...

9.8CVSS9.7AI score0.05182EPSS
CVE
CVE
added 2022/10/27 12:0 a.m.51 views

CVE-2022-43366

CVE-2022-43366 affects IP-COM EW9, version 15.11.0.14(9732). The flaw allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces. NVD/CVE metrics assign CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (base score ...

7.5CVSS7.4AI score0.00805EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.49 views

CVE-2022-45005

CVE-2022-45005 affects IP-COM EW9 firmware v15.11.0.14(9732). The issue is a command injection in the cmd_get_ping_output function, enabling an attacker to inject commands via the affected feature. Reported impact is high (confidentiality, integrity, and availability all high) with network-expose...

9.8CVSS9.7AI score0.05352EPSS
CVE
CVE
added 2022/10/27 12:0 a.m.47 views

CVE-2022-43365

The CVE-2022-43365 vulnerability affects IP-COM EW9 router (firmware version V15.11.0.14(9732)). A buffer overflow in the formSetDebugCfg function is described, enabling a crafted string to trigger a Denial of Service (DoS). Connected sources consistently cite the same root cause and impact witho...

7.5CVSS7.6AI score0.00815EPSS