Vendor
BWA
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-10248 | 0.00 | — | 0.01 | Mar 9, 2020 | BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3. | |||
| CVE-2020-10249 | 0.00 | — | 0.00 | Mar 9, 2020 | BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3. | |||
| CVE-2020-10250 | 0.00 | — | 0.03 | Mar 9, 2020 | BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3. |
- CVE-2020-10248Mar 9, 2020risk 0.00cvss —epss 0.01
BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3.
- CVE-2020-10249Mar 9, 2020risk 0.00cvss —epss 0.00
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3.
- CVE-2020-10250Mar 9, 2020risk 0.00cvss —epss 0.03
BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3.