VYPR
Vendor

Mitrastar

Products
5
CVEs
7
Across products
11
Status
Private

Products

5

Recent CVEs

7
  • CVE-2017-16523CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.04

    MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.

  • CVE-2021-42165HigMay 3, 2022
    risk 0.61cvss 8.8epss 0.14

    MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path".

  • CVE-2023-30065HigMay 5, 2023
    risk 0.57cvss 8.8epss 0.01

    MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function.

  • CVE-2017-16522HigNov 3, 2017
    risk 0.57cvss 8.8epss 0.03

    MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.

  • CVE-2025-50753HigAug 26, 2025
    risk 0.55cvss 8.4epss 0.00

    Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" (quotes included) to the argument of this…

  • CVE-2023-33381HigJun 6, 2023
    risk 0.49cvss 7.2epss 0.22

    A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to execute arbitrary OS commands by sending specially crafted input to the router via…

  • CVE-2024-9977MedOct 15, 2024
    risk 0.32cvss 4.7epss 0.22

    A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads…