Emerson

Wireless 1410d Gateway Firmware

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-38485

  • EPSS 0.22%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:17:13

The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.

6.5

CVE-2021-42536

  • EPSS 0.19%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:27:45

The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.

8.8

CVE-2021-42538

  • EPSS 0.22%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:27:45

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

8.8

CVE-2021-42539

  • EPSS 0.18%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:27:45

The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.

8.8

CVE-2021-42540

  • EPSS 0.22%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:27:46

The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.

8.8

CVE-2021-42542

  • EPSS 0.49%
  • Published 22.10.2021 14:15:08
  • Last modified 21.11.2024 06:27:46

The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.