Mersive Solstice Firmware vulnerabilities
2 known vulnerabilities affecting mersive/solstice_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-12945P2HIGHCVSS 8.8PoCfixed in 2.8.42019-11-27
CVE-2017-12945 [HIGH] CWE-78 CVE-2017-12945: Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configur
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root.
nvd
CVE-2020-35587P3HIGHCVSS 7.5fixed in 3.0.32020-12-23
CVE-2020-35587 [HIGH] CWE-311 CVE-2020-35587: In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/dis
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique
nvd