Indionetworks

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-21884 1Indionetworks 5Unibox U1000 Firmware Unibox U2500 FirmwareUnibox U5000 Firmware+2 more Nov 21, 2024 Apr 9, 2021 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?...Show more Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device.Show less
CVE-2020-21883 1Indionetworks 5Unibox U1000 Firmware Unibox U2500 FirmwareUnibox U5000 Firmware+2 more Nov 21, 2024 Apr 9, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.
CVE-2019-3497 1Indionetworks 1Unibox Firmware Nov 21, 2024 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an attacker to execute arb...Show more An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping Ping feature of the Diagnostic Tools component is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.Show less
CVE-2019-3496 1Indionetworks 1Unibox Firmware Nov 21, 2024 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute...Show more An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.Show less
CVE-2019-3495 1Indionetworks 1Unibox Firmware Nov 21, 2024 Mar 21, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server w...Show more An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials.Show less