Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2019-19517 | Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process. | High (8.8) | 2020-05-05 | Environment Specific |
| CVE-2019-19515 | Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings. | Medium (6.1) | 2020-05-05 | Environment Specific |
| CVE-2019-19514 | Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID. | Medium (5.4) | 2020-05-05 | Environment Specific |
| CVE-2017-18867 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.5… | Medium (6.8) | 2020-05-05 | Environment Specific |
| CVE-2017-18866 | Certain NETGEAR devices are affected by stored XSS. This affects R9000 before 1.0.2.40, R6100 before 1.0.1.1, 6R7500 be… | Medium (6.1) | 2020-05-05 | Environment Specific |