Enphase Iq_gateway
5 CVEs affecting Enphase Iq_gateway. Latest disclosed: 2024-08-12. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-21878 | Critical | 9.8 | 2024-08-12 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Com… |
CVE-2024-21876 | Critical | 9.1 | 2024-08-12 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via a URL parameter in Enphase IQ Gateway (formerly known as Envoy… |
CVE-2024-21879 | High | 8.8 | 2024-08-12 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability through an url parameter of an authenticated enpoint in Enpha… |
CVE-2024-21880 | High | 7.2 | 2024-08-12 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability via the url parameter of an authenticated enpoint in Enphase… |
CVE-2024-21877 | Medium | 6.5 | 2024-08-12 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as E… |