← Back

Connectize

connectize

7 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Ac21000 G6 Firmware
ac21000_g6_firmware
7 CVEs
Ac21000 G6
ac21000_g6
0 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-24052
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functionality as it does not prompt for the current password.
CVE-2023-24051
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute force style attacks.
CVE-2023-24050
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross Site Scripting (XSS) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary code via crafted string when setting the Wi-Fi password in the admin panel.
CVE-2023-24049
1Connectize
1Ac21000 G6 Firmware
May 29, 2025
Dec 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management.
CVE-2023-24048
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via crafted GET request to /man_password.htm.
CVE-2023-24047
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
6.8 MEDIUM· v3
N/A· v2
An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm.
CVE-2023-24046
1Connectize
1Ac21000 G6 Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
6.8 MEDIUM· v3
N/A· v2
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility.