Ip Com

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-2017 1Ip Com 1W30ap Firmware Feb 17, 2026 Feb 6, 2026 8.9 HIGH· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the a...Show more A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2022-45721 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.
CVE-2022-45720 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.
CVE-2022-45719 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.
CVE-2022-45718 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.
CVE-2022-45717 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET re...Show more IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.Show less
CVE-2022-45716 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.
CVE-2022-45715 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.
CVE-2022-45714 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.
CVE-2022-45712 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.
CVE-2022-45711 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function.
CVE-2022-45710 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.
CVE-2022-45709 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.
CVE-2022-45708 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.
CVE-2022-45707 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.
CVE-2022-45706 1Ip Com 1M50 Firmware Apr 15, 2025 Dec 23, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.
CVE-2022-45005 1Ip Com 1Ew9 Firmware Apr 22, 2025 Dec 13, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.
CVE-2022-43367 1Ip Com 1Ew9 Firmware May 12, 2025 Oct 27, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function.
CVE-2022-43366 1Ip Com 1Ew9 Firmware May 12, 2025 Oct 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces.
CVE-2022-43365 1Ip Com 1Ew9 Firmware May 12, 2025 Oct 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

12 Next