← Back

K2(psg1218) Firmware

k2(psg1218)-firmware

Vendor: Phicomm • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-19117
1Phicomm
1K2(psg1218) Firmware
Nov 21, 2024
Nov 18, 2019
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.
CVE-2017-11495
1Phicomm
1K2(psg1218) Firmware
May 13, 2026
Jul 20, 2017
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to...Show more
PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated access to this script to trigger a reboot via an ifType=reboot action.Show less