Generex Cs141_firmware

9 CVEs affecting Generex Cs141_firmware. Latest disclosed: 2023-09-28. Critical: 2, High: 4.

Top CVEs affecting Generex Cs141_firmware
CVESeverityScorePublishedSummary
CVE-2022-47190Critical10.02023-03-31Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary c…
CVE-2022-42457Critical9.12022-10-06Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., c…
CVE-2022-47192High8.82023-03-31Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device…
CVE-2022-47186High7.52023-09-28There is an unrestricted upload of file vulnerability in Generex CS141 below 2.06 version. An attacker could upload and/or delete any type of file, without any…
CVE-2022-47189High7.52023-03-31Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functio…
CVE-2022-47188High7.52023-03-31There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An attacker, making use of the default credentials, could upload a ba…
CVE-2020-11420Medium6.52020-04-27UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating…
CVE-2022-47187Medium5.32023-09-28There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application allows file uploading, making it possible to upload a file wi…
CVE-2022-47191Medium4.32023-03-31Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to esca…