Quectel: Security Vulnerabilities
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via ql_atfwd.
CVSS Score
9.8
EPSS Score
0.018
Published
2023-04-04
The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection.
CVSS Score
9.8
EPSS Score
0.13
Published
2022-06-21
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-12-30
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfwd_daemon.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-08-12