Rad Secflow-1V Firmware vulnerabilities
2 known vulnerabilities affecting rad/secflow-1v_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-13259P2HIGHCVSS 8.8PoCvos-image_sf_0290_2.3.01.262020-09-16
CVE-2020-13259 [HIGH] CWE-352 CVE-2020-13259: A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 c
A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vu
nvd
CVE-2020-13260P3MEDIUMCVSS 6.1PoCvos-image_sf_0290_2.3.01.262020-09-17
CVE-2020-13260 [MEDIUM] CVE-2020-13260: A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could all
A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-S
nvd