Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2017-18850 | Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.6… | High (8.4) | 2020-04-20 | Environment Specific |
| CVE-2017-18852 | Certain NETGEAR devices are affected by CSRF and authentication bypass. This affects R7300DST before 1.0.0.54, R8300 be… | High (8.8) | 2020-04-20 | Environment Specific |
| CVE-2017-18851 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D8500 through 1.0.3.28… | Medium (6.7) | 2020-04-20 | Environment Specific |
| CVE-2019-20786 | handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows… | Critical (9.8) | 2020-04-19 | Environment Specific |
| CVE-2020-11895 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. | Critical (9.1) | 2020-04-19 | Environment Specific |