VYPR

LH1000

by Arcadyan

CVEs (2)

  • CVE-2023-43477Sep 20, 2023
    risk 0.02cvss epss 0.16

    The ping_from parameter of ping_tracerte.cgi in the web UI of Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as…

  • CVE-2023-43478Sep 20, 2023
    risk 0.00cvss epss 0.17

    fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately…