Skyworth
Products
10- 17 CVEs
- 9 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
35| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-19524 | Cri | 0.71 | 9.8 | 0.51 | Mar 21, 2019 | An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or… | ||
| CVE-2021-41873 | Cri | 0.65 | 10.0 | 0.01 | Oct 26, 2021 | Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and Skyworth Digital. An unauthorized access vulnerability exists in the Penguin Aurora Box. An attacker can use the vulnerability to gain unauthorized access to a specific link to… | ||
| CVE-2018-20398 | Cri | 0.64 | 9.8 | 0.02 | Dec 23, 2018 | Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | ||
| CVE-2021-25328 | Hig | 0.58 | 8.8 | 0.04 | Apr 9, 2021 | Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on… | ||
| CVE-2023-51741 | Hig | 0.49 | 7.5 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and… | ||
| CVE-2023-51740 | Hig | 0.49 | 7.5 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and… | ||
| CVE-2021-41872 | Hig | 0.49 | 7.5 | 0.01 | Oct 27, 2021 | Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service. | ||
| CVE-2020-26732 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2021 | SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | ||
| CVE-2023-51739 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51738 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51737 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51736 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51735 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51734 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially… | ||
| CVE-2023-51733 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially… | ||
| CVE-2023-51732 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51731 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter… | ||
| CVE-2023-51730 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51729 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51728 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… |
- risk 0.71cvss 9.8epss 0.51
An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or…
- risk 0.65cvss 10.0epss 0.01
Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and Skyworth Digital. An unauthorized access vulnerability exists in the Penguin Aurora Box. An attacker can use the vulnerability to gain unauthorized access to a specific link to…
- risk 0.64cvss 9.8epss 0.02
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
- risk 0.58cvss 8.8epss 0.04
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on…
- risk 0.49cvss 7.5epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
- risk 0.49cvss 7.5epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
- risk 0.49cvss 7.5epss 0.01
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
- risk 0.49cvss 7.5epss 0.02
SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…