VYPR
Vendor

IP-COM

Products
3
CVEs
21
Across products
21
Status
Private

Products

3

Recent CVEs

21
View all 21 CVEs →
  • CVE-2022-45711CriDec 23, 2022
    risk 0.65cvss 9.8epss 0.20

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function.

  • CVE-2022-45721CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.

  • CVE-2022-45720CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.

  • CVE-2022-45719CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.

  • CVE-2022-45718CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.

  • CVE-2022-45717CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.04

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.

  • CVE-2022-45716CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.

  • CVE-2022-45715CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.

  • CVE-2022-45714CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.

  • CVE-2022-45712CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.

  • CVE-2022-45710CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

  • CVE-2022-45709CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.04

    IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

  • CVE-2022-45708CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.

  • CVE-2022-45707CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.

  • CVE-2022-45706CriDec 23, 2022
    risk 0.64cvss 9.8epss 0.01

    IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.

  • CVE-2022-45005CriDec 13, 2022
    risk 0.64cvss 9.8epss 0.05

    IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.

  • CVE-2022-43367CriOct 27, 2022
    risk 0.64cvss 9.8epss 0.05

    IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function.

  • CVE-2022-43366HigOct 27, 2022
    risk 0.49cvss 7.5epss 0.01

    IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces.

  • CVE-2022-43365HigOct 27, 2022
    risk 0.49cvss 7.5epss 0.01

    IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

  • CVE-2022-43364HigOct 27, 2022
    risk 0.49cvss 7.5epss 0.01

    An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password.

VYPR — Vulnerability Intelligence