VYPR

XT2 Sync Module

by Blink

CVEs (7)

  • CVE-2019-3984CriDec 31, 2019
    risk 0.64cvss 9.8epss 0.04

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.

  • CVE-2019-3989CriDec 11, 2019
    risk 0.64cvss 9.8epss 0.04

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data.

  • CVE-2019-3988HigDec 11, 2019
    risk 0.57cvss 8.8epss 0.02

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.

  • CVE-2019-3987HigDec 11, 2019
    risk 0.57cvss 8.8epss 0.02

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.

  • CVE-2019-3986HigDec 11, 2019
    risk 0.57cvss 8.8epss 0.01

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.

  • CVE-2019-3985HigDec 11, 2019
    risk 0.57cvss 8.8epss 0.02

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.

  • CVE-2019-3983MedDec 11, 2019
    risk 0.44cvss 6.8epss 0.01

    Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.