cbcvebase.

Govicture Wr1200 Firmware vulnerabilities

3 known vulnerabilities affecting govicture/wr1200_firmware.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2021-43283P2HIGHCVSS 8.8≤ 1.0.32021-11-30
CVE-2021-43283 [HIGH] CWE-78 CVE-2021-43283: An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability w An issue was discovered on Victure WR1200 devices through 1.0.3. A command injection vulnerability was found within the web interface of the device, allowing an attacker with valid credentials to inject arbitrary shell commands to be executed by the device with root privileges. This occurs in the ping and traceroute features. An attacker would thus be
nvd
CVE-2021-43284P3HIGHCVSS 7.8≤ 1.0.32021-11-30
CVE-2021-43284 [HIGH] CWE-798 CVE-2021-43284: An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets up An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets updated from its default value of admin. This enables an attacker to gain control of the device through SSH (regardless of whether the admin password was changed on the web interface).
nvd
CVE-2021-43282P4MEDIUMCVSS 6.5≤ 1.0.32021-11-30
CVE-2021-43282 [MEDIUM] CWE-798 CVE-2021-43282: An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is adver An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is advertised to anyone within Wi-Fi range through the router's MAC address. The device default Wi-Fi password corresponds to the last 4 bytes of the MAC address of its 2.4 GHz network interface controller (NIC). An attacker within scanning range of the Wi-Fi
nvd
Govicture Wr1200 Firmware vulnerabilities | cvebase