← Back

Rn510 Firmware

rn510_firmware

Vendor: Skyworthdigital • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-25328
1Skyworthdigital
1Rn510 Firmware
Nov 21, 2024
Apr 9, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead...Show more
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on the device.Show less
CVE-2021-25327
1Skyworthdigital
1Rn510 Firmware
Nov 21, 2024
Apr 9, 2021
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as...Show more
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting (XSS).Show less
CVE-2021-25326
1Skyworthdigital
1Rn510 Firmware
Nov 21, 2024
Apr 9, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web...Show more
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.Show less