Filtered by vendor Emerson
Subscriptions
Filtered by product Wireless 1420 Gateway Firmware
Subscriptions
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-42542 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure. | ||||
CVE-2021-42540 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality. | ||||
CVE-2021-42539 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change. | ||||
CVE-2021-42538 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input. | ||||
CVE-2021-42536 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. | ||||
CVE-2021-38485 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1410d Gateway and 3 more | 2024-11-21 | 8 High |
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk. | ||||
CVE-2020-19417 | 1 Emerson | 2 Wireless 1420 Gateway, Wireless 1420 Gateway Firmware | 2024-11-21 | 8.8 High |
Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative tasks by sending specially crafted HTTP requests to the application. | ||||
CVE-2020-12030 | 1 Emerson | 6 Wireless 1410 Gateway, Wireless 1410 Gateway Firmware, Wireless 1420 Gateway and 3 more | 2024-11-21 | 10 Critical |
There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway. |
Page 1 of 1.