Vendor CVEs
Motorola
All CVEs
129 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55414 | Cri | 0.64 | 9.8 | 0.01 | Jan 7, 2025 | A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be exploited for privilege escalation, code execution under high privileges,… | ||
| CVE-2017-0829 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044. | ||
| CVE-2013-2596 | Hig | 0.56 | 7.8 | 0.03 | KEV | Apr 13, 2013 | Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and… | |
| CVE-2026-5804 | Hig | 0.55 | 8.4 | 0.00 | May 19, 2026 | An improper authentication vulnerability was discovered in the Motorola Factory Test component (com.motorola.motocit). The application contained a reference to a writable file descriptor in external storage which could be used by third party apps running on the device to… | ||
| CVE-2016-10277 | Hig | 0.54 | 7.8 | 0.09 | May 12, 2017 | An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may… | ||
| CVE-2024-45880 | Hig | 0.52 | 8.0 | 0.01 | Oct 8, 2024 | A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to execute commands for setting parameters such as MAC address without proper input… | ||
| CVE-2018-5827 | Hig | 0.51 | 7.8 | 0.00 | May 17, 2018 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event. | ||
| CVE-2015-8937 | Hig | 0.51 | 7.8 | 0.00 | Aug 6, 2016 | drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803962 and Qualcomm internal… | ||
| CVE-2014-9873 | Hig | 0.51 | 7.8 | 0.00 | Aug 6, 2016 | Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28750726 and Qualcomm… | ||
| CVE-2014-9871 | Hig | 0.51 | 7.8 | 0.01 | Aug 6, 2016 | Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28749803 and… | ||
| CVE-2014-9869 | Hig | 0.51 | 7.8 | 0.01 | Aug 6, 2016 | drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which allows attackers to gain privileges via a crafted application, aka Android internal… | ||
| CVE-2014-9784 | Hig | 0.51 | 7.8 | 0.01 | Jul 11, 2016 | Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug… | ||
| CVE-2015-7936 | Hig | 0.49 | 7.5 | 0.01 | Dec 23, 2015 | Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. | ||
| CVE-2015-7935 | Hig | 0.49 | 7.5 | 0.02 | Dec 23, 2015 | Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2018-12499 | Hig | 0.48 | 7.4 | 0.00 | Jul 2, 2018 | The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was… | ||
| CVE-2022-4001 | Hig | 0.47 | 7.3 | 0.00 | Jul 31, 2024 | An authentication bypass vulnerability could allow an attacker to access API functions without authentication. | ||
| CVE-2025-1700 | Hig | 0.46 | 7.0 | 0.00 | Jul 17, 2025 | A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software. | ||
| CVE-2023-38291 | Hig | 0.46 | 7.1 | 0.00 | Apr 22, 2024 | An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC… | ||
| CVE-2017-9497 | Med | 0.44 | 6.8 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route. | ||
| CVE-2023-41830 | Med | 0.42 | 6.5 | 0.00 | May 3, 2024 | An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization. | ||
| CVE-2024-3109 | Med | 0.41 | 6.3 | 0.00 | May 3, 2024 | A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files. | ||
| CVE-2017-9493 | Med | 0.41 | 6.3 | 0.01 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code. | ||
| CVE-2023-41819 | Med | 0.40 | 6.1 | 0.00 | May 3, 2024 | A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers. | ||
| CVE-2024-3108 | Med | 0.36 | 5.5 | 0.00 | May 3, 2024 | An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization. | ||
| CVE-2017-9498 | Med | 0.36 | 5.5 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving… | ||
| CVE-2016-6678 | Med | 0.36 | 5.5 | 0.00 | Oct 10, 2016 | The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434. | ||
| CVE-2017-9494 | Med | 0.35 | 5.3 | 0.01 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | ||
| CVE-2023-41826 | Med | 0.33 | 5.1 | 0.00 | May 3, 2024 | A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission. | ||
| CVE-2023-41820 | Med | 0.33 | 5.0 | 0.00 | May 3, 2024 | An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices. | ||
| CVE-2023-41818 | Med | 0.33 | 5.0 | 0.00 | May 3, 2024 | An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs. | ||
| CVE-2023-41816 | Med | 0.33 | 5.0 | 0.00 | May 3, 2024 | An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database. | ||
| CVE-2023-41829 | Med | 0.33 | 5.0 | 0.00 | Mar 4, 2024 | An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization. | ||
| CVE-2023-41827 | Med | 0.33 | 5.1 | 0.00 | Mar 4, 2024 | An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI. | ||
| CVE-2023-41822 | Med | 0.31 | 4.8 | 0.00 | May 3, 2024 | An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands. | ||
| CVE-2017-9495 | Med | 0.30 | 4.6 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web… | ||
| CVE-2023-41828 | Med | 0.29 | 4.4 | 0.00 | May 3, 2024 | An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider. | ||
| CVE-2023-41823 | Med | 0.29 | 4.4 | 0.00 | May 3, 2024 | An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities. | ||
| CVE-2023-38301 | Low | 0.22 | 3.4 | 0.00 | Apr 22, 2024 | An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl… | ||
| CVE-2024-3480 | Low | 0.18 | 2.8 | 0.00 | May 3, 2024 | An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data. | ||
| CVE-2024-3479 | Low | 0.18 | 2.8 | 0.00 | May 3, 2024 | An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data. | ||
| CVE-2023-41825 | Low | 0.18 | 2.8 | 0.00 | May 3, 2024 | A path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files. | ||
| CVE-2023-41824 | Low | 0.18 | 2.8 | 0.00 | May 3, 2024 | An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data. | ||
| CVE-2023-41817 | Low | 0.18 | 2.8 | 0.00 | May 3, 2024 | An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information. | ||
| CVE-2021-3577 | 0.06 | — | 0.60 | Nov 12, 2021 | An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device. | |||
| CVE-2009-1394 | 0.06 | — | 0.33 | Jun 26, 2009 | Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending a long malformed string over the PlughNTCommand named pipe. | |||
| CVE-2010-2307 | 0.04 | — | 0.09 | Jun 16, 2010 | Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded… | |||
| CVE-2006-5196 | 0.04 | — | 0.07 | Oct 10, 2006 | The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter. | |||
| CVE-2004-1550 | 0.04 | — | 0.19 | Dec 31, 2004 | Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | |||
| CVE-2009-0393 | 0.03 | — | 0.01 | Feb 3, 2009 | Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter. | |||
| CVE-2009-0392 | 0.03 | — | 0.02 | Feb 3, 2009 | Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter. |
- risk 0.64cvss 9.8epss 0.01
A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be exploited for privilege escalation, code execution under high privileges,…
- risk 0.64cvss 9.8epss 0.00
An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.
- risk 0.56cvss 7.8epss 0.03
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and…
- risk 0.55cvss 8.4epss 0.00
An improper authentication vulnerability was discovered in the Motorola Factory Test component (com.motorola.motocit). The application contained a reference to a writable file descriptor in external storage which could be used by third party apps running on the device to…
- risk 0.54cvss 7.8epss 0.09
An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…
- risk 0.52cvss 8.0epss 0.01
A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to execute commands for setting parameters such as MAC address without proper input…
- risk 0.51cvss 7.8epss 0.00
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.
- risk 0.51cvss 7.8epss 0.00
drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803962 and Qualcomm internal…
- risk 0.51cvss 7.8epss 0.00
Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28750726 and Qualcomm…
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28749803 and…
- risk 0.51cvss 7.8epss 0.01
drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which allows attackers to gain privileges via a crafted application, aka Android internal…
- risk 0.51cvss 7.8epss 0.01
Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug…
- risk 0.49cvss 7.5epss 0.01
Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password.
- risk 0.49cvss 7.5epss 0.02
Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors.
- risk 0.48cvss 7.4epss 0.00
The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was…
- risk 0.47cvss 7.3epss 0.00
An authentication bypass vulnerability could allow an attacker to access API functions without authentication.
- risk 0.46cvss 7.0epss 0.00
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software.
- risk 0.46cvss 7.1epss 0.00
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC…
- risk 0.44cvss 6.8epss 0.00
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route.
- risk 0.42cvss 6.5epss 0.00
An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization.
- risk 0.41cvss 6.3epss 0.00
A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.
- risk 0.41cvss 6.3epss 0.01
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code.
- risk 0.40cvss 6.1epss 0.00
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.
- risk 0.36cvss 5.5epss 0.00
An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.
- risk 0.36cvss 5.5epss 0.00
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving…
- risk 0.36cvss 5.5epss 0.00
The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434.
- risk 0.35cvss 5.3epss 0.01
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet.
- risk 0.33cvss 5.1epss 0.00
A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission.
- risk 0.33cvss 5.0epss 0.00
An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices.
- risk 0.33cvss 5.0epss 0.00
An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs.
- risk 0.33cvss 5.0epss 0.00
An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database.
- risk 0.33cvss 5.0epss 0.00
An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization.
- risk 0.33cvss 5.1epss 0.00
An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI.
- risk 0.31cvss 4.8epss 0.00
An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands.
- risk 0.30cvss 4.6epss 0.00
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web…
- risk 0.29cvss 4.4epss 0.00
An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider.
- risk 0.29cvss 4.4epss 0.00
An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.
- risk 0.22cvss 3.4epss 0.00
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl…
- risk 0.18cvss 2.8epss 0.00
An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.
- risk 0.18cvss 2.8epss 0.00
An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.
- risk 0.18cvss 2.8epss 0.00
A path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files.
- risk 0.18cvss 2.8epss 0.00
An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data.
- risk 0.18cvss 2.8epss 0.00
An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.
- CVE-2021-3577Nov 12, 2021risk 0.06cvss —epss 0.60
An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.
- CVE-2009-1394Jun 26, 2009risk 0.06cvss —epss 0.33
Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending a long malformed string over the PlughNTCommand named pipe.
- CVE-2010-2307Jun 16, 2010risk 0.04cvss —epss 0.09
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded…
- CVE-2006-5196Oct 10, 2006risk 0.04cvss —epss 0.07
The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter.
- CVE-2004-1550Dec 31, 2004risk 0.04cvss —epss 0.19
Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.
- CVE-2009-0393Feb 3, 2009risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter.
- CVE-2009-0392Feb 3, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter.
Page 1 of 3