← Back

Cs W50hd Firmware

cs-w50hd_firmware

Vendor: Planex • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-12574
1Planex
1Cs W50hd Firmware
Nov 21, 2024
Aug 24, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allow...Show more
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; the account can't be modified or deleted.Show less
CVE-2017-12573
1Planex
1Cs W50hd Firmware
Nov 21, 2024
Aug 24, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a...Show more
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is required before executing the attack.Show less