Oringnet: >> Iap-420 Firmware >> 2.01e Security Vulnerabilities
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-12-10
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVSS Score
9.8
EPSS Score
0.031
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.
CVSS Score
8.8
EPSS Score
0.035
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
5.4
EPSS Score
0.005
Published
2024-05-28
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below.
CVSS Score
8.8
EPSS Score
0.322
Published
2024-05-28