Dx 350 Firmware

dx-350_firmware

Vendor: Greenpacket • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-6552 1Greenpacket 1Dx 350 Firmware Nov 21, 2024 Jul 13, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device.
CVE-2017-9980 1Greenpacket 1Dx 350 Firmware May 13, 2026 Jul 21, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter.
CVE-2017-9932 1Greenpacket 1Dx 350 Firmware May 13, 2026 Jul 21, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account.
CVE-2017-9931 1Greenpacket 1Dx 350 Firmware May 13, 2026 Jul 21, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi.
CVE-2017-9930 1Greenpacket 1Dx 350 Firmware May 13, 2026 Jul 21, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by a request to ajax.cgi that enables UPnP.