Motorola: Security Vulnerabilities
An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n where authentication to download the Syslog could be bypassed.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-07-21
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.033
Published
2021-07-21
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-07-21
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary system commands.
CVSS Score
9.8
EPSS Score
0.081
Published
2021-07-21
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
CVSS Score
8.1
EPSS Score
0.002
Published
2021-04-13
Motorola FX9500 devices allow remote attackers to read database files.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-23
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
CVSS Score
9.8
EPSS Score
0.008
Published
2019-09-12
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-08-23
On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-07-01
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an Externally Controlled Format String, reachable via TCP port 8010 or UDP port 8080.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-05-23