Skyworthdigital

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-51723 1Skyworthdigital 1Cm5100 Firmware Nov 21, 2024 Jan 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Description parameter at its web interface. A remote attacker could exploit this vulner...Show more This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Description parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system. Show less
CVE-2023-51722 1Skyworthdigital 1Cm5100 Firmware Nov 21, 2024 Jan 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 3 parameter at its web interface. A remote attacker could exploit this vuln...Show more This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 3 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system. Show less
CVE-2023-51721 1Skyworthdigital 1Cm5100 Firmware Nov 21, 2024 Jan 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vuln...Show more This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system. Show less
CVE-2023-51720 1Skyworthdigital 1Cm5100 Firmware Nov 21, 2024 Jan 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vuln...Show more This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system. Show less
CVE-2023-51719 1Skyworthdigital 1Cm5100 Firmware Nov 21, 2024 Jan 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnera...Show more This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform stored XSS attacks on the targeted system. Show less
CVE-2021-41872 1Skyworthdigital 1Penguin Aurora Box 41502 Firmware Nov 21, 2024 Oct 27, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
CVE-2021-25328 1Skyworthdigital 1Rn510 Firmware Nov 21, 2024 Apr 9, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead...Show more Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on the device.Show less
CVE-2021-25327 1Skyworthdigital 1Rn510 Firmware Nov 21, 2024 Apr 9, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as...Show more Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF) vulnerability in /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp. Missing CSRF protection in devices can lead to XSRF, as the above pages are vulnerable to cross-site scripting (XSS).Show less
CVE-2021-25326 1Skyworthdigital 1Rn510 Firmware Nov 21, 2024 Apr 9, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web...Show more Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed.Show less
CVE-2018-19524 1Skyworthdigital 3Dt721 Cb Firmware Dt740 FirmwareDt741 Cb Firmware Nov 21, 2024 Mar 21, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attacke...Show more An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7.Show less
CVE-2018-20398 1Skyworthdigital 5Cm5100 440 Firmware Cm5100 511 FirmwareCm5100 Ghd00 Firmware+2 more Nov 21, 2024 Dec 23, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1....Show more Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.Show less

Previous 12