Vendor
Dreambox
Products
4
CVEs
4
Across products
4
Status
Private
Products
4- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14135 | Cri | 0.65 | 9.8 | 0.22 | Sep 4, 2017 | enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI. | ||
| CVE-2011-4716 | 0.03 | — | 0.04 | Dec 8, 2011 | Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | |||
| CVE-2015-4714 | 0.00 | — | 0.01 | Jun 22, 2015 | Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body. | |||
| CVE-2008-3936 | 0.00 | — | 0.02 | Sep 5, 2008 | The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI. |
- risk 0.65cvss 9.8epss 0.22
enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI.
- CVE-2011-4716Dec 8, 2011risk 0.03cvss —epss 0.04
Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.
- CVE-2015-4714Jun 22, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.
- CVE-2008-3936Sep 5, 2008risk 0.00cvss —epss 0.02
The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI.