CVE-2020-21934
https://notcve.org/view.php?id=CVE-2020-21934
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed. Se detectó un problema en el enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, donde se podía omitir la autenticación para descargar el Syslog • https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-306: Missing Authentication for Critical Function •
CVE-2020-21933
https://notcve.org/view.php?id=CVE-2020-21933
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where the admin password and private key could be found in the log tar package. Se detectó un problema en el enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, donde la contraseña de administrador y la clave privada podían encontrarse en el paquete log tar • https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2020-21932
https://notcve.org/view.php?id=CVE-2020-21932
A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. Una vulnerabilidad en /Login.html del enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, permite a atacantes omitir el inicio de sesión y obtener un token y un uid parcialmente autorizados • https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-287: Improper Authentication •
CVE-2021-3460
https://notcve.org/view.php?id=CVE-2021-3460
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker. Los dispositivos Motorola MH702x, anteriores a versión 2.0.0.301, no verifican apropiadamente el certificado del servidor durante la comunicación con el servidor de soporte, lo que podría conllevar que un canal de comunicación sea accedido por un atacante • https://motorolamentor.zendesk.com/hc/en-us/articles/1260804087249 • CWE-295: Improper Certificate Validation •
CVE-2020-10874
https://notcve.org/view.php?id=CVE-2020-10874
Motorola FX9500 devices allow remote attackers to read database files. Los dispositivos Motorola FX9500, permiten a atacantes remotos leer archivos de la bases de datos. • https://www.youtube.com/watch?v=Lv-STOyQCVY • CWE-306: Missing Authentication for Critical Function •