Oringnet: >> Iap-420 Firmware >> 2.01e Security Vulnerabilities
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVSS Score
6.9
EPSS Score
0.001
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
7.1
EPSS Score
0.003
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-12-10
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVSS Score
9.3
EPSS Score
0.372
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.
CVSS Score
8.7
EPSS Score
0.212
Published
2024-12-10
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVSS Score
8.3
EPSS Score
0.019
Published
2024-05-28
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below.
CVSS Score
8.7
EPSS Score
0.272
Published
2024-05-28