← Back

Oringnet

oringnet

8 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Iap 420+ Firmware
iap-420+_firmware
8 CVEs
Iap 420+
iap-420+
0 CVEs

CVEs (8)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-55548
1Oringnet
1Iap 420+ Firmware
Nov 3, 2025
Dec 10, 2024
6.9 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue affects IAP-420: through 2.01e.
CVE-2024-55547
1Oringnet
1Iap 420+ Firmware
Nov 3, 2025
Dec 10, 2024
9.3 CRITICAL· v4
9.8 CRITICAL· v3
N/A· v2
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e.
CVE-2024-55546
1Oringnet
1Iap 420+ Firmware
Nov 3, 2025
Dec 10, 2024
7.1 HIGH· v4
5.4 MEDIUM· v3
N/A· v2
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-55545
1Oringnet
1Iap 420+ Firmware
Nov 3, 2025
Dec 10, 2024
7.1 HIGH· v4
6.1 MEDIUM· v3
N/A· v2
Missing input validation in the ORing IAP-420 web-interface allows Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2024-55544
1Oringnet
1Iap 420+ Firmware
Nov 3, 2025
Dec 10, 2024
8.7 HIGH· v4
8.8 HIGH· v3
N/A· v2
Missing input validation in the ORing IAP-420 web-interface allows authenticated Command Injections on OS level.This issue affects IAP-420 version 2.01e and below.
CVE-2024-5411
1Oringnet
1Iap 420+ Firmware
Oct 29, 2025
May 28, 2024
8.7 HIGH· v4
8.8 HIGH· v3
N/A· v2
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below.
CVE-2024-5410
1Oringnet
1Iap 420+ Firmware
Oct 29, 2025
May 28, 2024
8.3 HIGH· v4
5.4 MEDIUM· v3
N/A· v2
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
CVE-2022-3203
1Oringnet
1Iap 420+ Firmware
Nov 21, 2024
Oct 21, 2022
N/A· v4
9.8 CRITICAL· v3
N/A· v2
On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative sh...Show more
On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.Show less