CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3459
https://notcve.org/view.php?id=CVE-2021-3459
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter. Se ha reportado una vulnerabilidad de escalada de privilegios en el servidor web de configuración del dispositivo MM1000, que podría permitir el acceso privilegiado al shell y/o una ejecución de comandos privilegiados arbitrario en el adaptador. • https://motorolamentor.zendesk.com/hc/en-us/articles/1260804047750 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3458
https://notcve.org/view.php?id=CVE-2021-3458
The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. Puede accederse al portal de configuración del dispositivo Motorola MM1000 sin autenticación, que podría permitir una modificación de la configuración del adaptador. • https://motorolamentor.zendesk.com/hc/en-us/articles/1260804047750 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 32%CPEs: 2EXPL: 2CVE-2020-21937
https://notcve.org/view.php?id=CVE-2020-21937
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands. Una vulnerabilidad de inyección de comandos en HNAP1/SetWLanApcliSettings del enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, permite a atacantes ejecutar comandos arbitrarios del sistema • https://cwe.mitre.org/data/definitions/78.html https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 2CVE-2020-21936
https://notcve.org/view.php?id=CVE-2020-21936
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication. Un problema en HNAP1/GetMultipleHNAPs del enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, permite a atacantes acceder a los componentes GetStationSettings, GetWebsiteFilterSettings y GetNetworkSettings sin autenticación • https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 2CVE-2020-21935
https://notcve.org/view.php?id=CVE-2020-21935
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code. Una vulnerabilidad de inyección de comandos en HNAP1/GetNetworkTomographySettings del enrutador CX Motorola CX2 versión 1.0.2 Build 20190508 Rel.97360n, permite a atacantes ejecutar código arbitrario • https://github.com/cc-crack/router/blob/master/motocx2.md https://l0n0l.xyz/post/motocx2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •