Vendor CVEs
Motorola
All CVEs
129 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2007-4220 | 0.03 | — | 0.04 | Aug 29, 2007 | Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services. |
| CVE-2006-1367 | 0.03 | — | 0.03 | Mar 23, 2006 | The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones do not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and… |
| CVE-2023-31528 | 0.01 | — | 0.02 | May 11, 2023 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter. |
| CVE-2023-31531 | 0.01 | — | 0.02 | May 11, 2023 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter. |
| CVE-2023-31530 | 0.01 | — | 0.02 | May 11, 2023 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter. |
| CVE-2023-31529 | 0.01 | — | 0.02 | May 11, 2023 | Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter. |
| CVE-2020-21937 | 0.01 | — | 0.05 | Jul 21, 2021 | A command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. |
| CVE-2019-9119 | 0.01 | — | 0.06 | Mar 7, 2019 | An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary… |
| CVE-2007-4221 | 0.01 | — | 0.06 | Aug 29, 2007 | Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via (1) a long user name and (2) certain malformed requests; and (3) allow remote Timbuktu servers to… |
| CVE-2022-4002 | 0.00 | — | 0.01 | Jul 31, 2024 | A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request. |
| CVE-2022-4003 | 0.00 | — | 0.00 | Jul 31, 2024 | A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request. |
| CVE-2024-25360 | 0.00 | — | 0.00 | Feb 12, 2024 | A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip. |
| CVE-2024-23630 | 0.00 | — | 0.01 | Jan 25, 2024 | An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed. |
| CVE-2024-23629 | 0.00 | — | 0.01 | Jan 25, 2024 | An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information. |
| CVE-2024-23628 | 0.00 | — | 0.03 | Jan 25, 2024 | A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. |
| CVE-2024-23627 | 0.00 | — | 0.04 | Jan 25, 2024 | A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. |
| CVE-2024-23626 | 0.00 | — | 0.04 | Jan 25, 2024 | A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. |
| CVE-2022-3681 | 0.00 | — | 0.00 | Oct 27, 2023 | A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network. |
| CVE-2022-26941 | 0.00 | — | 0.00 | Oct 19, 2023 | A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution… |
| CVE-2022-26942 | 0.00 | — | 0.00 | Oct 19, 2023 | The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with… |
| CVE-2022-27813 | 0.00 | — | 0.00 | Oct 19, 2023 | Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left… |
| CVE-2022-26943 | 0.00 | — | 0.00 | Oct 19, 2023 | The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the pool renders the authentication challenge vulnerable to two attacks. First, due… |
| CVE-2023-23774 | 0.00 | — | 0.00 | Aug 29, 2023 | Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an… |
| CVE-2023-23773 | 0.00 | — | 0.00 | Aug 29, 2023 | Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave… |
| CVE-2023-23772 | 0.00 | — | 0.00 | Aug 29, 2023 | Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material,… |
| CVE-2023-23771 | 0.00 | — | 0.00 | Aug 29, 2023 | Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled. |
| CVE-2023-23770 | 0.00 | — | 0.00 | Aug 29, 2023 | Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled. |
| CVE-2022-34885 | 0.00 | — | 0.00 | Jan 30, 2023 | An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code. |
| CVE-2022-3917 | 0.00 | — | 0.00 | Dec 14, 2022 | Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data. |
| CVE-2022-30276 | 0.00 | — | 0.01 | Jul 26, 2022 | The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links)… |
| CVE-2022-30269 | 0.00 | — | 0.00 | Jul 26, 2022 | Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files)… |
| CVE-2022-30270 | 0.00 | — | 0.01 | Jul 26, 2022 | The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is… |
| CVE-2022-30271 | 0.00 | — | 0.01 | Jul 26, 2022 | The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts (such as /etc/init.d/sshd_service) only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default. |
| CVE-2022-30272 | 0.00 | — | 0.00 | Jul 26, 2022 | The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the STS software suite or ACE1000 Easy Configurator for performing firmware updates. In case of the Easy Configurator, firmware updates are performed through access to the Web UI where… |
| CVE-2022-30274 | 0.00 | — | 0.01 | Jul 26, 2022 | The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB… |
| CVE-2022-30275 | 0.00 | — | 0.00 | Jul 26, 2022 | The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes an MDLC driver to communicate with MOSCAD/ACE RTUs for engineering purposes. Access to these communications is protected by a password stored in cleartext in the wmdlcdrv.ini… |
| CVE-2022-30273 | 0.00 | — | 0.00 | Jul 26, 2022 | The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode… |
| CVE-2021-3898 | 0.00 | — | 0.00 | Apr 22, 2022 | Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker. |
| CVE-2021-3793 | 0.00 | — | 0.01 | Nov 12, 2021 | An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware… |
| CVE-2021-3792 | 0.00 | — | 0.00 | Nov 12, 2021 | Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker. |
| CVE-2021-3791 | 0.00 | — | 0.00 | Nov 12, 2021 | An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password. |
| CVE-2021-3790 | 0.00 | — | 0.00 | Nov 12, 2021 | A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. |
| CVE-2021-3789 | 0.00 | — | 0.00 | Nov 12, 2021 | An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages. |
| CVE-2021-3788 | 0.00 | — | 0.00 | Nov 12, 2021 | An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device. |
| CVE-2021-3787 | 0.00 | — | 0.00 | Nov 12, 2021 | A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services. |
| CVE-2021-3458 | 0.00 | — | 0.00 | Aug 17, 2021 | The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. |
| CVE-2020-21936 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. |
| CVE-2020-21935 | 0.00 | — | 0.04 | Jul 21, 2021 | A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. |
| CVE-2020-21934 | 0.00 | — | 0.02 | Jul 21, 2021 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. |
| CVE-2020-21933 | 0.00 | — | 0.01 | Jul 21, 2021 | An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package. |