CX2
by Motorola
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-21937 | 0.01 | — | 0.05 | Jul 21, 2021 | An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. | |||
| CVE-2020-21936 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. | |||
| CVE-2020-21935 | 0.00 | — | 0.04 | Jul 21, 2021 | A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. | |||
| CVE-2020-21934 | 0.00 | — | 0.02 | Jul 21, 2021 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. | |||
| CVE-2020-21933 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package. | |||
| CVE-2020-21932 | 0.00 | — | 0.01 | Jul 21, 2021 | A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. | |||
| CVE-2019-12297 | 0.00 | — | 0.02 | May 23, 2019 | An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080. | |||
| CVE-2019-11322 | 0.00 | — | 0.04 | Apr 18, 2019 | An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value. | |||
| CVE-2019-11321 | 0.00 | — | 0.01 | Apr 18, 2019 | An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices. | |||
| CVE-2019-11320 | 0.00 | — | 0.02 | Apr 18, 2019 | In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address. | |||
| CVE-2019-11319 | 0.00 | — | 0.04 | Apr 18, 2019 | An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value. |
- CVE-2020-21937Jul 21, 2021risk 0.01cvss —epss 0.05
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
- CVE-2020-21936Jul 21, 2021risk 0.00cvss —epss 0.01
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.
- CVE-2020-21935Jul 21, 2021risk 0.00cvss —epss 0.04
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
- CVE-2020-21934Jul 21, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
- CVE-2020-21933Jul 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.
- CVE-2020-21932Jul 21, 2021risk 0.00cvss —epss 0.01
A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.
- CVE-2019-12297May 23, 2019risk 0.00cvss —epss 0.02
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.
- CVE-2019-11322Apr 18, 2019risk 0.00cvss —epss 0.04
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
- CVE-2019-11321Apr 18, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
- CVE-2019-11320Apr 18, 2019risk 0.00cvss —epss 0.02
In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.
- CVE-2019-11319Apr 18, 2019risk 0.00cvss —epss 0.04
An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.