← Back

Kratosdefense

kratosdefense

3 CVEs • 4 products

Products (4)

Click to collapse
Toggle
Ngc Indoor Unit Firmware
ngc_indoor_unit_firmware
2 CVEs
Spectralnet Narrowband Firmware
spectralnet_narrowband_firmware
1 CVE
Spectralnet Narrowband
spectralnet_narrowband
0 CVEs
Ngc Indoor Unit
ngc_indoor_unit
0 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-36670
1Kratosdefense
1Ngc Indoor Unit Firmware
Jun 17, 2026
Jul 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.
CVE-2023-36669
1Kratosdefense
1Ngc Indoor Unit Firmware
Jun 17, 2026
Jul 18, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to th...Show more
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.Show less
CVE-2022-38156
1Kratosdefense
1Spectralnet Narrowband Firmware
Jun 17, 2026
Jun 12, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Lin...Show more
A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user.Show less