VYPR
Vendor

Garrett Metal Detectors

Products
1
CVEs
7
Across products
7
Status
Private

Products

1

Recent CVEs

7
  • CVE-2021-21903CriDec 22, 2021
    risk 0.64cvss 9.8epss 0.02

    A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to…

  • CVE-2021-21901HigDec 22, 2021
    risk 0.57cvss 8.8epss 0.02

    A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to…

  • CVE-2021-21902HigDec 22, 2021
    risk 0.53cvss 8.1epss 0.02

    An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests…

  • CVE-2021-21906HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.01

    Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI…

  • CVE-2021-21905HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.01

    Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI…

  • CVE-2021-21904HigDec 22, 2021
    risk 0.47cvss 7.2epss 0.03

    A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability

  • CVE-2021-21907MedDec 22, 2021
    risk 0.32cvss 4.9epss 0.01

    A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted command line argument can lead to local file inclusion. An attacker can provide malicious input to trigger this…