Planex Cs-W50Hd Firmware vulnerabilities
2 known vulnerabilities affecting planex/cs-w50hd_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2017-12574P2CRITICALCVSS 9.8fixed in 0307202018-08-24
CVE-2017-12574 [CRITICAL] CWE-798 CVE-2017-12574: An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credenti
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; the account can't be modified or deleted.
nvd
CVE-2017-12573P3HIGHCVSS 8.8fixed in 0307202018-08-24
CVE-2017-12573 [HIGH] CVE-2017-12573: An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a com
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is required before executing the attack.
nvd