VYPR
Vendor

Airties

Products
16
CVEs
15
Across products
17
Status
Private

Products

16

Recent CVEs

15
  • CVE-2018-17593MedOct 2, 2018
    risk 0.43cvss 6.1epss 0.02

    AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-17591MedOct 2, 2018
    risk 0.43cvss 6.1epss 0.02

    AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-17590MedOct 2, 2018
    risk 0.43cvss 6.1epss 0.02

    AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-17588MedOct 2, 2018
    risk 0.43cvss 6.1epss 0.02

    AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-17587MedOct 2, 2018
    risk 0.43cvss 6.1epss 0.02

    AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-8738MedJul 5, 2018
    risk 0.43cvss 6.1epss 0.02

    Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.

  • CVE-2024-9477MedNov 13, 2024
    risk 0.40cvss 6.1epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned…

  • CVE-2018-17594MedOct 2, 2018
    risk 0.40cvss 6.1epss 0.01

    AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2018-17589MedOct 2, 2018
    risk 0.40cvss 6.1epss 0.01

    AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.

  • CVE-2015-2797Jun 19, 2015
    risk 0.09cvss epss 0.78

    Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.

  • CVE-2019-6967Mar 17, 2019
    risk 0.03cvss epss 0.14

    AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.

  • CVE-2012-0902Jan 20, 2012
    risk 0.03cvss epss 0.03

    AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader.

  • CVE-2022-38789Sep 15, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.

  • CVE-2015-4679Jun 19, 2015
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account parameter to ddns.stm.

  • CVE-2014-100032Jan 13, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter.