cbcvebase.

Compal Ch7465Lg Firmware vulnerabilities

3 known vulnerabilities affecting compal/ch7465lg_firmware.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2019-13025P2CRITICALCVSS 9.8vch7465lg-ncip-6.12.18.24-5p8-nosh2019-10-02
CVE-2019-13025 [CRITICAL] CWE-78 CVE-2019-13025: Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of I Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem.
nvd
CVE-2019-17499P3HIGHCVSS 8.8v6.12.18.25-2p42019-10-11
CVE-2019-17499 [HIGH] CWE-78 CVE-2019-17499: The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices d The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter.
nvd
CVE-2019-17224P4MEDIUMCVSS 5.3vch7465lg-ncip-6.12.18.25-2p6-nosh2019-10-28
CVE-2019-17224 [MEDIUM] CWE-22 CVE-2019-17224: The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not e
nvd
Compal Ch7465Lg Firmware vulnerabilities | cvebase