VYPR

CH7465LG

by Compal

CVEs (2)

  • CVE-2019-13025CriOct 2, 2019
    risk 0.64cvss 9.8epss 0.03

    Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API…

  • CVE-2019-17499HigOct 11, 2019
    risk 0.57cvss 8.8epss 0.03

    The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.