VYPR

Vendor CVEs

Motorola

All CVEs

129 total · sorted by risk
  • CVE-2007-4220Aug 29, 2007
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.

  • CVE-2006-1367Mar 23, 2006
    risk 0.03cvss epss 0.03

    The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and…

  • CVE-2023-31528May 11, 2023
    risk 0.01cvss epss 0.02

    Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter.

  • CVE-2023-31531May 11, 2023
    risk 0.01cvss epss 0.02

    Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter.

  • CVE-2023-31530May 11, 2023
    risk 0.01cvss epss 0.02

    Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter.

  • CVE-2023-31529May 11, 2023
    risk 0.01cvss epss 0.02

    Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter.

  • CVE-2020-21937Jul 21, 2021
    risk 0.01cvss epss 0.05

    An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.

  • CVE-2019-9119Mar 7, 2019
    risk 0.01cvss epss 0.06

    An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary…

  • CVE-2007-4221Aug 29, 2007
    risk 0.01cvss epss 0.06

    Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via (1) a long user name and (2) certain malformed requests; and (3) allow remote Timbuktu servers to…

  • CVE-2022-4002Jul 31, 2024
    risk 0.00cvss epss 0.01

    A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request.

  • CVE-2022-4003Jul 31, 2024
    risk 0.00cvss epss 0.00

    A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request.

  • CVE-2024-25360Feb 12, 2024
    risk 0.00cvss epss 0.00

    A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.

  • CVE-2024-23630Jan 25, 2024
    risk 0.00cvss epss 0.01

    An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed.

  • CVE-2024-23629Jan 25, 2024
    risk 0.00cvss epss 0.01

    An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information.

  • CVE-2024-23628Jan 25, 2024
    risk 0.00cvss epss 0.03

    A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.

  • CVE-2024-23627Jan 25, 2024
    risk 0.00cvss epss 0.04

    A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.

  • CVE-2024-23626Jan 25, 2024
    risk 0.00cvss epss 0.04

    A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed.

  • CVE-2022-3681Oct 27, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network.

  • CVE-2022-26941Oct 19, 2023
    risk 0.00cvss epss 0.00

    A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution…

  • CVE-2022-26942Oct 19, 2023
    risk 0.00cvss epss 0.00

    The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with…

  • CVE-2022-27813Oct 19, 2023
    risk 0.00cvss epss 0.00

    Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left…

  • CVE-2022-26943Oct 19, 2023
    risk 0.00cvss epss 0.00

    The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the pool renders the authentication challenge vulnerable to two attacks. First, due…

  • CVE-2023-23774Aug 29, 2023
    risk 0.00cvss epss 0.00

    Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an…

  • CVE-2023-23773Aug 29, 2023
    risk 0.00cvss epss 0.00

    Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave…

  • CVE-2023-23772Aug 29, 2023
    risk 0.00cvss epss 0.00

    Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material,…

  • CVE-2023-23771Aug 29, 2023
    risk 0.00cvss epss 0.00

    Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.

  • CVE-2023-23770Aug 29, 2023
    risk 0.00cvss epss 0.00

    Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.

  • CVE-2022-34885Jan 30, 2023
    risk 0.00cvss epss 0.00

    An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code.

  • CVE-2022-3917Dec 14, 2022
    risk 0.00cvss epss 0.00

    Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data.

  • CVE-2022-30276Jul 26, 2022
    risk 0.00cvss epss 0.01

    The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links)…

  • CVE-2022-30269Jul 26, 2022
    risk 0.00cvss epss 0.00

    Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files)…

  • CVE-2022-30270Jul 26, 2022
    risk 0.00cvss epss 0.01

    The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is…

  • CVE-2022-30271Jul 26, 2022
    risk 0.00cvss epss 0.01

    The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default.

  • CVE-2022-30272Jul 26, 2022
    risk 0.00cvss epss 0.00

    The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy Configurator, firmware updates are performed through access to the Web UI where…

  • CVE-2022-30274Jul 26, 2022
    risk 0.00cvss epss 0.01

    The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB…

  • CVE-2022-30275Jul 26, 2022
    risk 0.00cvss epss 0.00

    The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes an MDLC driver to communicate with MOSCAD/ACE RTUs for engineering purposes. Access to these communications is protected by a password stored in cleartext in the wmdlcdrv.ini…

  • CVE-2022-30273Jul 26, 2022
    risk 0.00cvss epss 0.00

    The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode…

  • CVE-2021-3898Apr 22, 2022
    risk 0.00cvss epss 0.00

    Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker.

  • CVE-2021-3793Nov 12, 2021
    risk 0.00cvss epss 0.01

    An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware…

  • CVE-2021-3792Nov 12, 2021
    risk 0.00cvss epss 0.00

    Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker.

  • CVE-2021-3791Nov 12, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password.

  • CVE-2021-3790Nov 12, 2021
    risk 0.00cvss epss 0.00

    A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device.

  • CVE-2021-3789Nov 12, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages.

  • CVE-2021-3788Nov 12, 2021
    risk 0.00cvss epss 0.00

    An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.

  • CVE-2021-3787Nov 12, 2021
    risk 0.00cvss epss 0.00

    A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services.

  • CVE-2021-3458Aug 17, 2021
    risk 0.00cvss epss 0.00

    The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.

  • CVE-2020-21936Jul 21, 2021
    risk 0.00cvss epss 0.01

    An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.

  • CVE-2020-21935Jul 21, 2021
    risk 0.00cvss epss 0.04

    A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.

  • CVE-2020-21934Jul 21, 2021
    risk 0.00cvss epss 0.02

    An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.

  • CVE-2020-21933Jul 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.