A1 Firmware

a1_firmware

Vendor: Lenovo • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-42852 1Lenovo 5A1 Firmware T1 FirmwareT2 Firmware+2 more Nov 21, 2024 May 18, 2022 N/A· v4 8.0 HIGH· v3 7.7 HIGH· v2 A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.
CVE-2021-42851 1Lenovo 5A1 Firmware T1 FirmwareT2 Firmware+2 more Nov 21, 2024 May 18, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account.
CVE-2021-42850 1Lenovo 5A1 Firmware T1 FirmwareT2 Firmware+2 more Nov 21, 2024 May 18, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local net...Show more A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access.Show less
CVE-2021-42849 1Lenovo 5A1 Firmware T1 FirmwareT2 Firmware+2 more Nov 21, 2024 May 18, 2022 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access.
CVE-2021-42848 1Lenovo 5A1 Firmware T1 FirmwareT2 Firmware+2 more Nov 21, 2024 May 18, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details.