Telosalliance
telosalliance
5 CVEs • 4 products
Products (4)
Click to collapseToggle
Products (4)
Click to collapse
CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Telosalliance 1Omnia Mpx Node Firmware Apr 24, 2025 Dec 2, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute a...Show more |
1Telosalliance 1Omnia Mpx Node Firmware Apr 24, 2025 Dec 2, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected i...Show more |
1Telosalliance 1Omnia Mpx Node Firmware Apr 25, 2025 Nov 29, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords. |
1Telosalliance 1Omnia Mpx Node Firmware Nov 21, 2024 Sep 2, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control...Show more |
1Telosalliance 1Z/ip One Firmware Nov 21, 2024 Jan 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, passwo...Show more |