Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon.
9.8CVSS
9.6AI Score
0.007EPSS
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability.
6.1CVSS
6AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.005EPSS
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd.
9.8CVSS
9.8AI Score
0.002EPSS