XT2 Sync Module
by Blink
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-3984 | Cri | 0.64 | 9.8 | 0.04 | Dec 31, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet. | ||
| CVE-2019-3989 | Cri | 0.64 | 9.8 | 0.04 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data. | ||
| CVE-2019-3988 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter. | ||
| CVE-2019-3987 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter. | ||
| CVE-2019-3986 | Hig | 0.57 | 8.8 | 0.01 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter. | ||
| CVE-2019-3985 | Hig | 0.57 | 8.8 | 0.02 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter. | ||
| CVE-2019-3983 | Med | 0.44 | 6.8 | 0.01 | Dec 11, 2019 | Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections. |
- risk 0.64cvss 9.8epss 0.04
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.
- risk 0.64cvss 9.8epss 0.04
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data.
- risk 0.57cvss 8.8epss 0.02
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter.
- risk 0.57cvss 8.8epss 0.02
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.
- risk 0.57cvss 8.8epss 0.01
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter.
- risk 0.57cvss 8.8epss 0.02
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
- risk 0.44cvss 6.8epss 0.01
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections.