Prc2402m Firmware Security Vulnerabilities and Issues — Prc2402m Firmware CVE List

Lucene search

ProlinkPrc2402m Firmware

4 matches found

CVE•added 2021/08/06 2:15 p.m.•49 views

CVE-2021-36707

In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the led_cmd parameter is passed directly to do_system.

9.8CVSS9.6AI score0.11787EPSS

CVE•added 2021/08/06 2:15 p.m.•45 views

CVE-2021-36705

In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069_local_port parameter is passed directly to system.

9.8CVSS9.6AI score0.11787EPSS

CVE•added 2021/08/06 2:15 p.m.•44 views

CVE-2021-36706

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system.

9.8CVSS9.6AI score0.11787EPSS

CVE•added 2021/08/06 2:15 p.m.•43 views

CVE-2021-36708

In ProLink PRC2402M V1.0.18 and older, the set_sys_init function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router.

7.5CVSS7.5AI score0.0029EPSS