VYPR
Vendor

Skyworth

Products
10
CVEs
35
Across products
37
Status
Private

Products

10

Recent CVEs

35
View all 35 CVEs →
  • CVE-2018-19524CriMar 21, 2019
    risk 0.71cvss 9.8epss 0.51

    An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or…

  • CVE-2021-41873CriOct 26, 2021
    risk 0.65cvss 10.0epss 0.01

    Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and Skyworth Digital. An unauthorized access vulnerability exists in the Penguin Aurora Box. An attacker can use the vulnerability to gain unauthorized access to a specific link to…

  • CVE-2018-20398CriDec 23, 2018
    risk 0.64cvss 9.8epss 0.02

    Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

  • CVE-2021-25328HigApr 9, 2021
    risk 0.58cvss 8.8epss 0.04

    Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on…

  • CVE-2023-51741HigJan 17, 2024
    risk 0.49cvss 7.5epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…

  • CVE-2023-51740HigJan 17, 2024
    risk 0.49cvss 7.5epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…

  • CVE-2021-41872HigOct 27, 2021
    risk 0.49cvss 7.5epss 0.01

    Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.

  • CVE-2020-26732HigJan 14, 2021
    risk 0.49cvss 7.5epss 0.02

    SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.

  • CVE-2023-51739MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51738MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Network Name (SSID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51737MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51736MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the L2TP/PPTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51735MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Pre-shared key parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51734MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially…

  • CVE-2023-51733MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Local endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially…

  • CVE-2023-51732MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51731MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter…

  • CVE-2023-51730MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51729MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

  • CVE-2023-51728MedJan 17, 2024
    risk 0.45cvss 6.9epss 0.00

    This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…

VYPR — Vulnerability Intelligence