Airties: Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS).This issue affects Air4443 Firmware: through 14102024.
NOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-11-13
An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.
CVSS Score
9.1
EPSS Score
0.004
Published
2022-09-15
AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.
CVSS Score
8.8
EPSS Score
0.007
Published
2019-03-21
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-02
AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-02
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-10-02
Page 1