cbcvebase.

Motorola Cx2 Firmware vulnerabilities

11 known vulnerabilities affecting motorola/cx2_firmware.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2020-21937P2CRITICALCVSS 9.8v1.0.22021-07-21
CVE-2020-21937 [CRITICAL] CWE-78 CVE-2020-21937: An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Bui An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
nvd
CVE-2020-21935P2CRITICALCVSS 9.8v1.0.22021-07-21
CVE-2020-21935 [CRITICAL] CWE-78 CVE-2020-21935: A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1. A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
nvd
CVE-2019-11322P2CRITICALCVSS 9.8v1.012019-04-18
CVE-2019-11322 [CRITICAL] CWE-78 CVE-2019-11322: An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the functi An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function startRmtAssist in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
nvd
CVE-2019-11319P2CRITICALCVSS 9.8v1.012019-04-18
CVE-2019-11319 [CRITICAL] CWE-78 CVE-2019-11319: An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the functi An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value.
nvd
CVE-2019-11320P3CRITICALCVSS 9.8v1.012019-04-18
CVE-2019-11320 [CRITICAL] CVE-2019-11320: In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch te In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_mgt.html web page to launch telnetd, as demonstrated by the 192.168.51.1 address.
nvd
CVE-2019-12297P3CRITICALCVSS 9.8v1.012019-05-23
CVE-2019-12297 [CRITICAL] CWE-134 CVE-2019-12297: An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Exte An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.
nvd
CVE-2020-21934P3HIGHCVSS 7.5v1.0.22021-07-21
CVE-2020-21934 [HIGH] CWE-306 CVE-2020-21934: An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authenticati An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
nvd
CVE-2020-21933P3HIGHCVSS 7.5v1.0.22021-07-21
CVE-2020-21933 [HIGH] CWE-532 CVE-2020-21933: An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin pa An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package.
nvd
CVE-2020-21936P4MEDIUMCVSS 5.3v1.0.22021-07-21
CVE-2020-21936 [MEDIUM] CWE-306 CVE-2020-21936: An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.
nvd
CVE-2019-11321P4MEDIUMCVSS 5.3v1.012019-04-18
CVE-2019-11321 [MEDIUM] CWE-306 CVE-2019-11321: An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
nvd
CVE-2020-21932P4MEDIUMCVSS 5.3v1.0.22021-07-21
CVE-2020-21932 [MEDIUM] CWE-287 CVE-2020-21932: A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows atta A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid.
nvd
Motorola Cx2 Firmware vulnerabilities | cvebase