Smart Box Firmware

smart_box_firmware

Vendor: Beeline • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-41427 1Beeline 1Smart Box Firmware Nov 21, 2024 Nov 10, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting (XSS) via the choose_mac parameter to setup.cgi.
CVE-2021-41426 1Beeline 1Smart Box Firmware Nov 21, 2024 Nov 10, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery (CSRF) via mgt_end_user.htm.
CVE-2020-12246 1Beeline 1Smart Box Firmware Nov 21, 2024 Apr 29, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parame...Show more Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter.Show less