VYPR

HOME SPOT CUBE2

by au.com

CVEs (2)

  • CVE-2024-23978CriFeb 2, 2024
    risk 0.64cvss 9.8epss 0.01

    Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.

  • CVE-2022-33948HigJul 4, 2022
    risk 0.57cvss 8.8epss 0.01

    HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.