Sg600 R2 Firmware

sg600_r2_firmware

Vendor: Billion • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-14920 1Billion 1Sg600 R2 Firmware Nov 21, 2024 Jan 9, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature.
CVE-2019-14919 1Billion 1Sg600 R2 Firmware Nov 21, 2024 Jan 9, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over...Show more An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device.Show less
CVE-2019-14918 1Billion 1Sg600 R2 Firmware Nov 21, 2024 Jan 9, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request pack...Show more XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.Show less