Cx2 Firmware Security Vulnerabilities and Issues — Cx2 Firmware CVE List

Lucene search

MotorolaCx2 Firmware

11 matches found

CVE•added 2019/04/18 5:29 p.m.•38 views

CVE-2019-11319

An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.

9.8CVSS9.9AI score0.04516EPSS

CVE•added 2021/07/21 3:15 p.m.•36 views

CVE-2020-21937

An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.

10CVSS9.7AI score0.0889EPSS

CVE•added 2019/04/18 5:29 p.m.•34 views

CVE-2019-11320

In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.

9.8CVSS9.3AI score0.00433EPSS

CVE•added 2019/05/23 2:29 p.m.•33 views

CVE-2019-12297

An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.

9.8CVSS9.4AI score0.00433EPSS

CVE•added 2021/07/21 3:15 p.m.•33 views

CVE-2020-21934

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.

7.5CVSS7.5AI score0.00307EPSS

CVE•added 2019/04/18 5:29 p.m.•32 views

CVE-2019-11322

An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.

9.8CVSS9.9AI score0.04516EPSS

CVE•added 2019/04/18 5:29 p.m.•30 views

CVE-2019-11321

An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.

5.3CVSS5.2AI score0.00267EPSS

CVE•added 2021/07/21 3:15 p.m.•28 views

CVE-2020-21933

An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.

7.5CVSS7.6AI score0.00285EPSS

CVE•added 2021/07/21 3:15 p.m.•26 views

CVE-2020-21936

An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.

5.3CVSS5.3AI score0.00223EPSS

CVE•added 2021/07/21 3:15 p.m.•24 views

CVE-2020-21932

A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.

5.3CVSS5.3AI score0.00192EPSS

CVE•added 2021/07/21 3:15 p.m.•24 views

CVE-2020-21935

A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.

9.8CVSS9.8AI score0.0334EPSS